What is the difference between HTTPS and SSL? I read about them and found following:
HTTPS: HTTPS is a combination of HTTP with SSL/TLS. It means that HTTPS is basically HTTP connection which is delivering the data secured using SSL/TLS.
SSL: SSL is a secure protocol that works on the top of HTTP to provide security. That means SSL encrypted data will be routed using protocols like HTTP for communication.
I am wondering where is the difference between these two? Or both are identical?
HTTPS (Hyper Text Transfer Protocol Secure) is the secure version of HTTP where communications are encrypted by SSL/TLS. HTTPS uses TLS (SSL) to encrypt normal HTTP requests and responses, making it safer and more secure.
HTTPS is just the HTTP protocol but with data encryption using SSL/TLS. SSL is the original and now deprecated protocol created at Netscape in the mid 90s. TLS is the new protocol for secured encryption on the web maintained by IETF.
For many years, HTTPS used SSL as its standard protocol. However, there is now a newer version of SSL, which is called TLS.
The S in "HTTPS" stands for "secure." HTTPS is just HTTP with SSL/TLS. A website with an HTTPS address has a legitimate SSL certificate issued by a certificate authority, and traffic to and from that website is authenticated and encrypted with the SSL/TLS protocol.
The explanation of SSL that you've found is wrong.
SSL (Secure Socket Layer) or TLS (Transport Layer Security) works on top of the transport layer, in your examples TCP. TLS can be used for more or less any protocol, HTTPS is just one common instance of it.
HTTP is an application layer protocol.
In regular, non-encrypted HTTP, the protocol stack can look like this:
When using HTTPS, the stack looks like this:
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With