HTTP - HTTPS scheme (HTTP-over-TLS)

HTTP - HTTPS scheme (HTTP-over-TLS)
- About
- Management
  - Port
  - Deploying
  - Mandatory

About

The https scheme represents HTTP-over-TLS ¹⁾

HTTP is a application protocol (OSI level 7) that is build on TCP as transport layer (OSI level 3)

HTTPS is essentially HTTP after the connection has been secured with TLS (ie SSL, ie TCP with SSL) (ie when the SSL handshake (negotiation) has succeed).

Chrome:

Management

Port

The port is 443.

Deploying

See How to enable SSL on a server (ie HTTPS on a web server) ?

Mandatory

To make https mandatory for a website, set the Strict Transport Security (HSTS) header

¹⁾

https://tools.ietf.org/html/rfc2818

Recommended Pages

Authentication - Method / Protocol / Scheme

The authentication methods / construct / protocol validates the identity of a user (ie validates who you are). The method is implemented by a (identify|authentication) provider. Articles Related Metho "...

OAuth - Token Endpoint

OAuth - Token Endpoint About The token endpoint is an authorization endpoint used by the client to obtain an access token by presenting its: * authorization grant * or refresh token. The toke "...

Authentication - Basic Authentication (HTTP)

Basic Access Authentication is an Authentication mechanism from HTTP auth. Basic access authentication uses the easily reversible Base64 encoding making it non-secure unless used in conjunction with T "...

Cryptography - Key

A key is a parameter used in a cipher algorithm that determines the encryption operation (forward) and the decryption operation (backward). It's the only secret parameter that protect the anonymity of "...

HTTP - Strict Transport Security (HSTS) - mandatory HTTPS

Strict Transport Security (HSTS) is a header that tells the client that the website should always be contacted with HTTPS Effect When HSTS is on, if it's not possible to make a https connection (for i "...

HTTP - Cookie (Set-Cookie Header )

A cookie is a key-value data and some associated It is: set: by the server side with a HTTP response and the Set-Cookie header and eventually on a client side with the browser web api stored in "...

HTTP - Host Header

host in the context of HTTP is a header field that: indicates the destination of the request and is part of the origin definition The Host field value is the network location of the origin server or "...

HTTP - Port (80, 443)

The HTTP request are routed to the destination server defined by the host and port of the request URL authority. If the port is not defined, the default ports are: 80 for the http scheme 443 for the "...

How to enable SSL on a server (ie HTTPS on a web server) ?

This page shows you how to configure a certificate and a private key for a server in order to enable SSL or a web server (http) (ie web site) in order to enable https (ie HTTP over SSL).

Identification Material - Certificate (or Public Key Certificate)

A certificate is a document which permits to define with certainty the owner of the private key (ensures that the party you are communicating with is whom you think.) because it's digitally signed A c "...

Share this page: