Hypertext Transfer Protocol Secure (HTTPS)

Hypertext Transfer Protocol Secure (HTTPS) is an application layer protocol used for secure communication over an insecure computer network, for example over the Internet. It is a secure version of HTTP; it uses the Transport Layer Security (TLS) protocol to encrypt the traffic between the client and the web server.

HTTPS creates a secure channel for two hosts to communicate over an insecure network (most commonly the Internet). Since HTTP sends all data in clear text, HTTPS can be used instead to encrypt sensitive information, for example usernames and passwords. Because HTTPS requires more resource than HTTP, it is usually used only to protect sensitive information (e.g. login credentials or credit card numbers), but many websites today use HTTPS for the entire site. For example, Google uses HTTPS by default on its global search pages.

HTTPS URLs begin with https, as in https://gmail.com. The whole HTTPS encyption process happens in the backgroud and is transparent to the user. In Firefox, a lock icon appears left of the URL, indicating that the requested website is using HTTPS:

https lock

 

HTTPS uses a well-known TCP port 443. If the port is not specified in a URL, browsers will use this port when sending HTTPS request. For example, you will get the same result when requesting https://gmail.com and https://gmail.com:443.
Geek University 2022