What does having an S in httpS provide us?
But first, what does the S stand for?โ
The S stands for Secure in HTTPS. The full acronym decoded is a mouthful (though nothing like SHIELD ๐คฃ). HTTPS stands for Hyper Text Transfer Protocol Secure.
Why do we need SSL Certificates?โ
An SSL certificate, from here on referred to as TLS certificates, allow us to provide the following.
Confidentialityโ
All communications are encrypted between the website and the user's browser.
Authenticationโ
The certificate assures users that they are connecting to the intended server and not an imposter.
Integrityโ
It ensures that the data exchanged has not been altered during transmission.
Okay, but how does this work in practice?โ
Now that we know what the S provides to an HTTP connection let's discuss a few concepts around how trust is established (the website IS indeed who they say they are).
Certificate validationโ
Note: Most of the images are clickable to activate animations.
When you visit aqueeb.com, the first thing your browser does, is check to see if the certificate that aqueeb.com is presenting to your browser, is valid or not. One of the ways that this validation happens is by checking: