HTTP & HTTPS Protocol

HTTP

In HTTP, The client sends a request message to an HTTP server (after the TCP handshake) which hosts a website, the server then replies with the response message. The response message contains completion status information, such as HTTP/1.1 200 OK.

HTTPS

HTTPS transmits its data security using an encrypted connection. Basically it uses a public key which is then decrypted on the recipient side. The public key is deployed on the server, and included in what you know as an SSL certificate. The certificates are cryptographically signed by a Certificate Authority (CA), and each browser has a list of CAs it implicitly trusts. Any certificate signed by a CA in the trusted list is given a green padlock lock in the browser's address bar, because it's proven to be "trusted" and belongs to that domain.

HTTP Vs HTTPS

1) In HTTP, URL begins with “http://” whereas URL starts with “https://”.

2) HTTP uses port number 80 for communication and HTTPS uses 443.

3) HTTP is considered to be unsecure and HTTPS is secure.

4) HTTP Works at Application Layer and HTTPS works at Transport Layer

5) In HTTP, Encryption is absent and Encryption is present in HTTPS as discussed above.

6) HTTP does not require any certificates and HTTPS needs SSL Certificates.