Home / Internet / What is Https and SSL? and how it works? Explained in Simple English

What is Https and SSL? and how it works? Explained in Simple English

What is Https and SSL?

The common Question asked by many newbies that what is HTTPS, when the letter “s” comes to what is httpstheir attention. When I was a newbie on internet same question was to make me curious to know what that “s” does in http. The only answer I understood is “secure”. For newbies, its difficult to understand all the technical jargon words which just bounce above your head. However its not a rocket science, we would see what https does and how its going to benefit or help us on web.

  • http stands for “Hyper Text Transfer Protocol”, the basic form of browsing web on internet which send data over http without encryption.
  • https is “Hyper Text Transfer Protocol Secure”, the safe way to browse site or page which is encrypted and Secure to send or receive private data or information

 what is http and ssl

What is Https?

Https is a secure protocol which is used to send or receive data securely on internet with the help of SSL (Secure Socket Layer). HTTPS connections are often used for payment transactions on the World Wide Web or secure ecommerce transactions, such as online banking. Https encrypt the secession or page with digital certificate i.e HTTPS over SSL(Secure Socket Layer) which is used by web browser.

 

What is SSL?

SSL is an acronym for Secure Socket Layer, are cryptographic protocols that provide communication security over the Internet. In Simple, SSL act has a secret agent which will exchange message secretly between two parties of sender and receiver without knowing others and keeping it safe. SSL is a global standard security technology developed by Netscape in 1994. All SSL do is, It encrypt data between Web Server and Client Web Browser so that all the sensitive information which is sent across internet should be sent safely and securely.  The Encrypted data is unreadable and cannot be decoded, so you can be rest assured that whatever data you sent is safe when you are connected to an SSL server. SSL creates a Secure Connection between Web Server and Client using 128 bit or 256 bit key encryption, so whatever personal details you share will remain private to that site and to your system. You can easily identify sites which uses SSL by looking on web address, it would generally be https, where ‘s’ indicate Secure.

 

How it Works?

In this world nothing is safe unless you lock your things from others. you might be wondering that why we are taking about lock here. To keep your things safe, you probably keep those item in locker to be kept Safe & Secure from others, in the same way, lock and key concept are used in SSL encryption too. Each SSL Certificate consists of a public key and a private key. Public key is used to Encrypt and Private key is used to Decrypt the message. When you request a secure connection by specifying https , the server reply with its SSL certificate and also send public key. Browser check the certificate and if its valid, browser reply back to the server encrypting the message with public key. The server on other end receive the message and decrypt the message using its private key and send Back an Digital Signed Acknowledgement to start SSL encrypted connection and Encrypted connection start as soon as browser on client side accept the Digital Signed Acknowledgement and Connection becomes Encrypted and safe to share information to the server.

How SSL Works

How SSL Works and How connection made between Client and Server

 

How to Identify Secure Connection?

If the connection is Encrypted then you may see a padlock on browser or many browser address bar turn into Green Color which indicates that the connection is made through SSL and it is safe to Share information. If the Padlock is showing an Cross icon, It indicates that the connection is not encrypted and its not safe to share personal information on internet. As explained above, Browser request a secure connection using https and server sends its certificate, If that certificate is not valid or expired then browser will automatically pop up an alert message saying that connection is not encrypted and padlock icon will be shown cross icon on padlock.

 identify Secure Connection

Sites which uses Https over SSL encryption :

Other than Banking sites, today even Social Networking and other sites are https, here are few sites which uses https using SSL.

Facebook

Google

Twitter

Google Plus

About Kroshan

Roshan Karkera a.k.a. k.roshan. Blogger by passion and software engineer by profession. He believes in sharing knowledge, which made him to start his own blog. He is very much keen & passionate about new technology & Science. If you'd like to connect with him, follow at Google plus or Twitter.
  • I love reading these articles beascue they’re short but informative.

    • Wow! Too generous for letting many readers of yours have also a glimpse of informative blog that could be of help to them. Thanks for the share..

  • Hi, Nice work! I saw this really great post today.

  • Hey very nice blog!! Man .. Beautiful .. Amazing .. I’ll bookmark your site and take the feeds also…I am happy to find numerous helpful info here within the submit, we want work out extra strategies in this regard, thanks for sharing.

  • Your blog is one of the better blogs I’ve came across in months. Thank you for your posts and all the best with your work and blog. Looking forward to reading new entries!

  • Kurdt

    I have a fair knowledge about PKI. Server has it certificate and keys, but user doesn’t. Does a user sends a random key (of some symmetric algorithm) encrypted with server’s public key and from that point communication is safe assuming all further communication is encrypted with that key??

    Thanks in advance.