While we may use the standard HTTP every single day to access all of our favourite websites, sometimes we may also be using HTTPS when we are online. If you are visiting PayPal you are using this protocol or even when you are making an online purchase. It is known as Hypertext Transfer Protocol over Secure Socket Layer and it is a combination of the HTTP protocol with that of the Secure Sockets Layer or SSL. These are not separate protocols but actually used in conjunction with one another as a means of creating an encrypted connection. This encryption is important because if there is an eavesdropper using a program or a virus, they cannot monitor the information passing over the connection without the proper certificate and only the browser has access to it.
In most cases, when making contact with a secured web server, your browser is told to remake the connection on another port. While the standard HTTP occurs on port 80, the server can designate any unused port for further security. In most cases it is going to ask for you to connect to the server via port 443 after which the server will pass what is known as a certificate. This certificate is more or less a security key which allows the browser to decrypt the page as it loads and therefore preventing anyone other than you from seeing the data sent over the connection.
In order to use a secured socket layer, the web server has to have those capabilities however this is a fairly easy accomplishment as there are a number of open source and completely free programs that can create these connections on a Linux server. The certificates though, these are what cost the most. These are advanced 128 bit encrypted certificates and they are unique to the website. While it is completely possible for you to build your own certificate, there is no guarantee that the connection will be totally secure.
On top of all of this, secured socket connections require independent IP addresses as they are all independent from one another which is why most web hosting companies may offer a shared certificate, however the website’s visitors will have to access another IP when in HTTPS.
When one connects to a website using this Hypertext Transfer Protocol over Secure Socket Layer, in most cases one would never even know it. However the browsers will let you know. Not only will you see the URL of the webpage change from http:// to https://, but there is usually also a padlock looking icon displayed on the browser somewhere. Furthermore, in the case of Internet Explorer, you may also get a notice asking you whether you are willing to accept a certificate depending on your browser settings. Original Authors: Nick
Edit Update Authors: M.A.Harris
Updated On: 30/01/2009