An extension of HTTPS is HTTP (Hypertext Transfer Protocol), which provides an encrypted connection between the web server and clients. HTTPS also uses the HTTP protocol by default on TCP port 443 on the server, as opposed to the unencrypted HTTP base protocol, which typically uses port 80. Channel encryption is TLS or SSL layers, so these names are so common that HTTPS over TLS vagy HTTPS over SSL.
The most important function of HTTPS is to authenticate the web page you want to access and to ensure the confidentiality and integrity of data traffic during communication. Protects the channel a Man-in-the-middle and bi-directional encryption to prevent eavesdropping and spoofing.
Originally, HTTPS connections were used primarily to encrypt payment transaction data on the web, to protect emails and sensitive corporate information systems, but today they are increasingly used by webmasters to authenticate their websites and protect the data of their users.
The HTTPS Uniform Resource Identifier (URI) schema uses the same syntax as HTTP, but HTTPS tells the browser to use an added encryption layer (SSL / TLS) to protect channel traffic. You can find this by starting at https: // in the address bar of your browser.
Today, the use of SSL is playing an increasingly important role on the Internet. For example, it is also a plus point in search engine search engine algorithms for a site to be accessed over HTTPS, and web browsers are increasingly displaying SSL-enabled web pages such as green padlock, green bar, and more.
Two-key encryption
HTTPS works on the principle of two-key encryption, which means that a private key and a public key are created on the web server, which consist of long strings of numbers created by a mathematical procedure. The private key is kept secret on the server, while the public key is accessible to anyone through the website. Then what is encrypted with one key can only be decrypted with the other member of the key pair. This is how encryption works in both directions. Because encryption keys can be created by anyone, this procedure has only so many beauty flaws that we can’t be sure who created the encrypted data packet, so the authenticity of the site is questionable. There are authorities or certification bodies that issue certificates for this purpose.
certification locations
The authorities issuing SSL certificates, ie Certificate Authority-k (CAs) are responsible for authenticating the public key of an encryption key pair created by server operators and then returning it to the requester, which administrators then place in an appropriate location on the server from which web browsers can read it to verify the authenticity of that site.
Issuing these SSL certificates usually costs money, but there are also free CAs. Issued SSL certificates can be divided into several categories, for example:
Domain Verified (DV) SSL
These are the cheapest SSL certificates (Domain Validated SSL), usually only one domain name are used for authentication. Most of these include the authentication of the www subdomain.
Wildcard SSL
This type of SSL authenticates all subdomains of the domain name (* .domain.tld). It is usually used on enterprise systems where the enterprise domain name has many subdomains. They are more expensive than basic SSL.
SAN SSL
With this SSL type (Subject Alternate Name), multiple domain names are authenticated simultaneously with a single certificate. This way, it is cheaper to come up with a single domain name.
OV SSL
When issuing Organization Validation SSLs, some information of the requesting company, such as Szekler, company registration, etc., is verified.
EV SSL
Extended Validation SSLs provide full authentication for a specific company. These can usually take several days or even 1-2 weeks to prepare. in this case, the authority issuing the certificate will contact the company's representative, for example, by telephone or letter, in order to personally verify the existence and authenticity of the company. These SSLs usually cost many times more than the previous ones. With this type of authentication, the green bar that appears in the address bar in browsers, and the name of the company in it, indicates the full authenticity of the company operating the website. Such SSL can usually be found on the websites of banks or on larger websites dealing with finance and money management (eg PayPal), where the authenticity and reliability of the operating company play a very important role. The price of such SSL certificates can exceed the annual fee of up to one million forints, depending on the authentication procedures of the given package. In general, these SSLs also have a very high prestige value.
Other Authentication SSLs
And there are other authentication certificates, such as certificates for digitally signing emails, which can be used to encrypt e-mail between two parties, or certificates for software developers to digitally sign issued software to prevent security alerts during installation. operating system, etc.
The Greater Certificate Authorities
You can apply for SSL certificates at multiple locations, including some of the more well-known issuing companies:
- 203 views