HTTPS in depth All In One

HTTPS in depth All In One

HTTPS

Hypertext Transfer Protocol Secure

How does HTTPS work?

https://www.cloudflare.com/learning/ssl/what-is-https/

Secure Sockets Layer (SSL)
安全链路层 (old)

Transport Layer Security (TLS)
传输层安全 (new)

asymmetric public key infrastructure

非对称公钥基础结构

This type of security system uses two different keys to encrypt communications between two parties:

这种类型的安全系统使用两个不同的密钥来加密两方之间的通信

The private key - this key is controlled by the owner of a website and it’s kept, as the reader may have speculated, private.
This key lives on a web server and is used to decrypt information encrypted by the public key.

The public key - this key is available to everyone who wants to interact with the server in a way that’s secure.
Information that’s encrypted by the public key can only be decrypted by the private key.

私钥-该密钥由网站所有者控制，并且如读者所推测的那样，它是私有的。 该密钥位于Web服务器上，用于解密由公共密钥加密的信息。

公钥-想要以安全方式与服务器交互的每个人都可以使用此密钥。 用公钥加密的信息只能用私钥解密。

加密算法

1. 对称
2. 非对称

TLS handshake

https://www.cloudflare.com/learning/ssl/what-happens-in-a-tls-handshake/

https://www.cloudflare.com/learning/ssl/what-is-mixed-content/

TLS

https://www.cloudflare.com/learning/ssl/transport-layer-security-tls/

1. Encryption: hides the data being transferred from third parties.
2. Authentication: ensures that the parties exchanging information are who they claim to be.
3. Integrity: verifies that the data has not been forged or tampered with.

加密：隐藏从第三方传输的数据。
认证：确保交换信息的各方是他们声称的身份。
完整性：验证数据是否未被伪造或篡改。

SSL

https://www.cloudflare.com/learning/ssl/what-is-ssl/

https://www.cloudflare.com/learning/ssl/how-does-ssl-work/

Asymmetric Encryption

非对称加密

https://www.cloudflare.com/learning/ssl/what-is-asymmetric-encryption/

refs

---

---

©xgqfrms 2012-2020

www.cnblogs.com/xgqfrms 发布文章使用：只允许注册用户才可以访问！

原创文章，版权所有©️xgqfrms, 禁止转载 🈲️，侵权必究⚠️！

---