PKI Tutorials - Herong's Tutorial Examples - v2.32, by Herong Yang
HTTPS Communication Data Encryption
This section describes the HTTPS communication data encryption process - Browser generates an encryption key, encrypts it using server public key and sends it to the server; Browser encrypts data with the encryption key; Server encrypts return data with the same encryption key.
As mentioned earlier, communication encryption is also an important process to ensure the security of the HTTPS communication. The following diagram from snapblox.com shows how HTTPS communication encryption is done at a high level:
As you can see from the diagram, after it is done with the Web server authentication process (Step 1 and 2 in the diagram), the browser starts the communication encryption process with these activities:
Generating and delivering an encryption key (Step 3 in the diagram):
Sending and receiving encrypted data (Step 4 in the diagram):
The goal of HTTPS communication encryption is to build a protection on data exchanged between the browser and the server. The protected data will travel through many other systems between your browser and the server. But no other system can see the content of the data because the data is encrypted.
Can you really trust the HTTPS communication encryption? Yes, you can, if following assumptions are true:
Table of Contents
Introduction of PKI (Public Key Infrastructure)
►Introduction of HTTPS (Hypertext Transfer Protocol Secure)
What Is HTTPS (Hypertext Transfer Protocol Secure)?
HTTPS Server Authentication Process
►HTTPS Communication Data Encryption
Using HTTPS with Google Chrome
Using HTTPS with Mozilla Firefox
HTTPS with IE (Internet Explorer)
Android and Server Certificate
Windows Certificate Stores and Console
RDP (Remote Desktop Protocol) and Server Certificate
macOS Certificate Stores and Keychain Access
Perl Scripts Communicating with HTTPS Servers
PHP Scripts Communicating with HTTPS Servers
Java Programs Communicating with HTTPS Servers
.NET Programs Communicating with HTTPS Servers
CAcert.org - Root CA Offering Free Certificates
PKI CA Administration - Issuing Certificates
Comodo Free Personal Certificate
Digital Signature - Microsoft Word
Digital Signature - OpenOffice.org 3