Shulou(Shulou.com)06/01 Report--

Most people do not understand the knowledge points of this article "what's the difference between http and https", so the editor summarizes the following content, detailed content, clear steps, and has a certain reference value. I hope you can get something after reading this article. Let's take a look at this "what's the difference between http and https" article.

1. Basic interpretation

HTTP

[HyperText Transfer Protocol] HTTP is the most widely used network protocol on the Internet. It is a client-side and server-side request and response standard (TCP), which is used to transfer hypertext from the WWW server to the local browser. HTTP transmits data in clear text, which is easy to be stolen and tampered with by lawbreakers.

Hypertext transfer protocol is one of the most widely used network protocols on the Internet. All WWW files must comply with this standard.

It not only ensures that the computer transmits the hypertext document correctly and quickly, but also determines which part of the transferred document and which part of the content is displayed first.

HTTPS

[HyperText Transfer Protocol over Secure Socket Layer] is a security-oriented HTTP channel, which is simply the secure version of HTTP. That is, to add the SSL layer under HTTP, the security basis of HTTPS is SSL, so the details of encryption need SSL.

The main function of HTTPS protocol can be divided into two kinds: one is to establish an information security channel to ensure the security of data transmission; the other is to confirm the authenticity of the website.

What's the difference between 2.HTTP and HTTPS?

1. HTTPS is an encrypted transport protocol, and HTTP is a name transfer protocol.

2. SSL certificate is required for HTTPS, but not for HTTP.

3. HTTPS is more secure than HTTP, more friendly to search engines, and beneficial to SEO.

4. HTTPS standard port 443 and HTTP standard port 80

5. HTTPS is based on the transport layer and HTTP is based on the application layer.

6. HTTPS displays the green security lock in the browser, but not HTTP.

Because the data transmitted by HTTP protocol is unencrypted and is likely to be stolen or tampered with, it is very insecure to use HTTP protocol to transmit private information.

In order to ensure that these private data can be encrypted, Netscape designed the SSL (Secure Sockets Layer) protocol to encrypt the data transmitted by the HTTP protocol, thus giving birth to HTTPS.

To put it simply, HTTPS protocol is a network protocol built by SSL+HTTP protocol for encrypted transmission and identity authentication, which is more secure than HTTP protocol. To turn the HTTP protocol into a HTTPS protocol, you only need to deploy SSL digital certificates.

Advantages of 3.HTTPS:

Security:

In the current technical context, HTTPS is the most secure solution under the current architecture:

1. Use HTTPS protocol to authenticate users and servers to ensure that data is sent to the correct clients and servers

2. HTTPS protocol is a network protocol constructed by SSL+HTTP protocol for encrypted transmission and identity authentication, which is more secure than http protocol. It can prevent data from being stolen and changed in the process of transmission, and ensure the integrity of data.

3. HTTPS is the most secure solution under the current architecture. Although it is not absolutely secure, it greatly increases the cost of man-in-the-middle attacks.

Website revenue:

1. The website is more secure, and the evaluation of the corresponding website will be relatively high.

2. The website is more secure, and the landing experience of the corresponding website is also of higher quality.

3, in the search display side, do HTTPS transformation of the website, in the search transformation will appear HTTPS display style.

4. Baidu spiders give priority to crawling https sites, quickly collecting them, and giving priority to showing support to https sites to a certain extent, in order to get more traffic.

How 4.http upgrades and deploys ssl certificates

SSL certificates are basically foreign brands, such as geotrust Symantec comodo, etc., domestic service providers only act as agents such as Besheng Interconnection (bisend.cn).

Step 3:

one。 CSR document production: before applying for SSL certificate, you need to make CSR document.

CSR is a necessary step in making a SSL certificate. A CSR file describes the SSL certificate holder's information (such as personal name or company name), contact address, etc., which is used to verify that the SSL certificate and domain name are held by the same person to ensure the legitimacy of the website. Upload this file to the SSL certificate provider after production to obtain the final SSL certificate.

Matters needing attention

When applying for a server certificate, do not appear some special characters such as: (@, #, &,!, etc., for example, you can replace "&" with "and"). Otherwise, a "105" error code will appear after you submit the CSR.

two。 Application for CA Certification Certificate: submit the prepared CSR to CA

Generally speaking, there are two authentication methods for CA:

① domain name authentication: it is generally verified by the administrator's mailbox, which is fast, but the certificate issued does not contain the name of the enterprise.

② enterprise document certification: the business license of the enterprise is required.

There is also a need to authenticate both certificates, such as EV ssl certificates, which can display enterprise information directly on the browser's green address bar, so authentication is also the strictest.

three。 Certificate installation: after receiving the certificate from CA, you can deploy the certificate to the server.

The above is about the content of this article on "what's the difference between http and https". I believe we all have a certain understanding. I hope the content shared by the editor will be helpful to you. If you want to know more about the relevant knowledge, please follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.