Differences between http and https

The difference between http and https indicates that SSL encryption is used before a URL and https: // prefix. It is safer to transmit and receive information between your computer and the server. To enable SSL for a Web server, you need to obtain a server certificate and bind the certificate to the server that uses SSL. Http and https use completely different connection methods, with different ports. The former is 80, and the latter is 443. The http connection is simple and stateless ,... HTTPS is a network Protocol built by SSL + HTTP for encrypted transmission and identity authentication. more Secure than http: HTTPS (Secure Hypertext Transfer Protocol) secure Hypertext Transfer Protocol is a secure communication channel developed based on HTTP to exchange information between client computers and servers. It uses Secure Sockets Layer (SSL) for information exchange. In short, it is a secure version of HTTP.
It is developed by Netscape and built in its browser. It is used to compress and decompress data and return the results of network upload and return. HTTPS actually applies Netscape's secure full Socket Layer (SSL) as the child layer of the HTTP application layer. (HTTPS uses port 443 instead of using port 80 as HTTP to communicate with TCP/IP .) SSL uses 40-bit keywords as the RC4 stream encryption algorithm, which is suitable for business information encryption. HTTPS and SSL support X.509 digital authentication. If necessary, you can confirm who the sender is. Differences between www.2cto.com HTTPS and HTTP:
The https protocol requires a ca (CA) to apply for a certificate. Generally, there are few free certificates and you need to pay the fee. Http is hypertext transfer protocol, and information is transmitted in plain text. https is a secure ssl encrypted transmission protocol. http and https use different ports for completely different connection methods, the former is 80, and the latter is 443. The http connection is simple. The stateless HTTPS protocol is a network protocol built by the SSL + HTTP protocol that can be encrypted for transmission and identity authentication. This solution is more secure than the http protocol:
1. questions about trusted hosts. an https server must apply for a certificate from the CA to prove the purpose of the server. the client trusts the host only when the certificate is used for the corresponding server. therefore, the key applications of all banking system websites are https. the customer trusts the host by trusting the certificate. in fact, this is very inefficient, but banks are more focused on security. this does not make any sense to us. Our server adopts certificates, no matter whether it is our own issue or issue from the public, the client is our own, so we certainly trust the server.
2. data leaks and tampering during communication 1. in general, https means that the server has a certificate. a) The main purpose is to ensure that the server is the server he claims. this is the same as that in section 1.1. b) All communications between the server and the client are encrypted. i. specifically, the client generates a symmetric key and exchanges the key through the server certificate. the handshake process in the general sense. ii. all the information is encrypted. even if a third party intercepts the request, it makes no sense. because he does not have a key. of course, tampering is meaningless. 2. if you have a few requirements on the client, the client must also have a certificate. a) The client certificate is similar to a CA-authenticated identity in addition to the user name and password. the individual certificate is generally not simulated by others, so that you can further confirm your identity. b) at present, this is the practice of Professional edition of a few individual banks. The specific certificate may be using a USB flash disk as a backup carrier. www.2cto.com HTTPS must be cumbersome. a) a simple http protocol, a get and a response. because https needs to restore the key and confirm the encryption algorithm. A single handshake requires 6/7 round trips. i. in any application, too many round trips will definitely affect the performance. b) The next step is the specific http protocol. Each response or request requires the client and server to encrypt/decrypt the session content. i. although the efficiency of symmetric encryption/decryption is relatively high, it still consumes too much CPU. Therefore, it has a dedicated SSL chip. if the CPU signal can be relatively low, it will definitely reduce the performance and thus cannot serve more requests. ii. the impact of encrypted data volume. therefore, there will be so many security authentication prompts for the author xiaomijsj