What Is HTTPS?
This section provides a quick introduction to HTTPS (Hypertext Transfer Protocol Secure) - A combination of HTTP (Hypertext Transfer Protocol) and SSL (Secure Socket Layer) or TLS (Transport Layer Security).
What is HTTPS?
HTTPS (Hypertext Transfer Protocol Secure) is HTTP over SSL or TLS.
HTTP (Hypertext Transfer Protocol) is an application layer protocol used to transfer HTTP requests and HTTP responses
for Web based applications. SSL (Secure Socket Layer) or TLS (Transport Layer Security) is a communication layer protocol
used to encrypt application data prior to transmission and decrypting it upon arrival to ensure that no one else can
read the original application data.
All financial Web sites are using HTTPS now, to protect your financial information being transmitted between your computer
and the financial institute server. Since your financial information will be transmitted through many gateway computers,
So you don't have to worry about someone else is looking at your information on a gateway computer, like your Internet
service provider's server. All they can see is encrypted data, not the original data.
There are several technical notes about HTTPS:
- The default port number is 443 for HTTPS. Port 80 is still reserved for HTTP.
- "https://" must be used as Web address prefix to invoke the HTTPS protocol in Web browsers.
- A single Web site may run both HTTP and HTTPS servers: HTTP to serve non-secured contents and
HTTPS to serve secured contents.
- Web browsers will give warnings when switching a secured page to a non-secured page.
- The HTTPS server must have a public key signed by a certificate authority.
- Web browsers will give errors when a HTTPS server provides a certificate that cannot be validated against any
- Web browsers do allow you to review public key certificates received from HTTPS servers.
A simple HTTPS server program will be provided in this chapter to confirm some notes mentioned above.
Table of Contents
About This JDK Tutorial Book
JDK (Java Development Kit)
Java Date-Time API
Date, Time and Calendar Classes
Date and Time Object and String Conversion
Number Object and Numeric String Conversion
Locales, Localization Methods and Resource Bundles
Calling and Importing Classes Defined in Unnamed Packages
HashSet, Vector, HashMap and Collection Classes
Character Set Encoding Classes and Methods
Character Set Encoding Maps
Encoding Conversion Programs for Encoded Text Files
Socket Network Communication
Datagram Network Communication
DOM (Document Object Model) - API for XML Files
SAX (Simple API for XML)
DTD (Document Type Definition) - XML Validation
XSD (XML Schema Definition) - XML Validation
XSL (Extensible Stylesheet Language)
Message Digest Algorithm Implementations in JDK
Private key and Public Key Pair Generation
PKCS#8/X.509 Private/Public Encoding Standards
Digital Signature Algorithm and Sample Program
"keytool" Commands and "keystore" Files
KeyStore and Certificate Classes
Secret Key Generation and Management
Cipher - Encryption and Decryption
The SSL (Secure Socket Layer) Protocol
SSL Socket Communication Testing Programs
SSL Client Authentication
►HTTPS (Hypertext Transfer Protocol Secure)
►What Is HTTPS?
HttpsHello.java - HTTPS Server Test Program
HttpsClient.java - HTTPS Client Test Program
HttpsClient.java Failed with JDK 1.8
Using SO_LINGER Socket Option
Connecting to HttpsHello.java with IE
HttpsEchoer.java - A Better HTTPS Server
Full Version in PDF/EPUB