3 February 2019
How Does HTTPS Work
I’ve been learning security stuff recently, will write several posts to cover HTTPS, Certs etc. This post gives you an overview of how HTTPS works.
- Client first starts the conversation, telling the server https connection needed
- The server sends the public key and certificates to the client
- The client generates a session key, which will be used to encrypt/decrypt messages. The session key is encrypted using the public key, then sends to the server.
- The server decrypts the session key with the private key
- Both sides get the session key now, symmetric encryption will be used to protect consecutive messages