HTTP and HTTPS principles are easy to understand

HTTP principle

HTTP is a stateless protocol.

Stateless means that the client (web browser) and the server do not need to keep a persistent connection: when a client sends a request and the server returns its response, the connection is closed, and the server keeps no information about that connection.

HTTP follows a request/response model. The client (browser) sends a request to the server; the server processes it and returns an appropriate response. Every HTTP conversation is built from such request/response pairs.

Address resolution

For example, a client browser requests this page: http://www.lydms.com:8080/index.htm. The URL is decomposed into its protocol name, host name, port and object path. For this address the result is:

  • Protocol name: http
  • Host name: www.lydms.com
  • Port: 8080
  • Object path: /index.htm

In this step the domain name system (DNS) is needed to resolve the domain name localhost.com to the IP address of the host.

Encapsulate HTTP request packets

Combine the parts above with the client machine's own information and encapsulate them into an HTTP request packet.

Encapsulate it into a TCP packet and establish a connection

Encapsulate the request into a TCP segment and establish a TCP connection to the server (the TCP three-way handshake).

The client sends a request

The client sends the request command: once the connection is established, the client sends its request to the server. The request consists of the request method, the Uniform Resource Identifier (URI) and the protocol version number, followed by MIME-style header information (request modifiers, client information and possibly a body).

Server response

After the server receives the request, it returns the corresponding response. Its format is a status line containing the protocol version number of the message and a success or error code, followed by MIME-style header information with server information, entity information and possibly a body.

The server closes the TCP connection

Generally, once the web server has sent the response data to the browser, it closes the TCP connection. If the browser or server adds the header line Connection: keep-alive, however, the TCP connection remains open after the response is sent, so the browser can continue to send requests over the same connection. Keeping the connection open saves the time needed to establish a new connection for every request and also saves network bandwidth.
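The steps above (address resolution, request encapsulation, response parsing and the keep-alive decision) as a single runnable walk-through. This is an added example using only the Python standard library, not code from the original post; the server reply is constructed, and `lookup_ip` is the only function that needs network access. Two details go beyond the text: the request builder refuses header values containing CR or LF, since such a value would be parsed as an extra header line, and `connection_persists` applies the full HTTP/1.1 rule (persistent by default unless `Connection: close`) alongside the `keep-alive` case the text describes.

```python
"""HTTP request/response walk-through (added example; not from the original post).

Mirrors the steps in the text: resolve the address, encapsulate the request,
parse the server's response, and decide whether the TCP connection stays open.
The sample response below is constructed, not captured from a real server.
"""
import socket
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}


def resolve_address(url):
    """Decompose a URL into protocol name, host name, port and object path."""
    parts = urlsplit(url)
    if parts.scheme not in DEFAULT_PORTS:
        raise ValueError(f"unsupported protocol: {parts.scheme!r}")
    if not parts.hostname:
        raise ValueError("URL has no host name")
    path = parts.path or "/"
    if parts.query:
        path += "?" + parts.query
    return {
        "protocol": parts.scheme,
        "host": parts.hostname,
        "port": parts.port or DEFAULT_PORTS[parts.scheme],
        "path": path,
    }


def lookup_ip(host):
    """DNS step: map the host name to an IP address (needs network access)."""
    return socket.getaddrinfo(host, None)[0][4][0]


def build_request(addr, keep_alive=False, extra_headers=None):
    """Encapsulate an HTTP/1.1 GET request packet for the resolved address."""
    port_is_default = addr["port"] == DEFAULT_PORTS[addr["protocol"]]
    if any(c in "\r\n " for c in addr["path"]):
        raise ValueError("request target must not contain whitespace or line breaks")
    headers = {
        "Host": addr["host"] if port_is_default else f"{addr['host']}:{addr['port']}",
        "User-Agent": "demo-client/0.1",  # hypothetical client name
        "Connection": "keep-alive" if keep_alive else "close",
    }
    headers.update(extra_headers or {})
    lines = [f"GET {addr['path']} HTTP/1.1"]
    for name, value in headers.items():
        # A CR or LF inside a field would start a new header line or end the
        # head early, so a well-behaved client refuses to serialize such values.
        if any(c in "\r\n" for c in name + value):
            raise ValueError(f"CR/LF not allowed in header field {name!r}")
        lines.append(f"{name}: {value}")
    return ("\r\n".join(lines) + "\r\n\r\n").encode("ascii")


def parse_response(raw):
    """Split a raw response into status line, headers and body."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("response head is incomplete")
    status_line, *header_lines = head.decode("iso-8859-1").split("\r\n")
    fields = status_line.split(" ", 2)
    if len(fields) < 2 or not fields[0].startswith("HTTP/"):
        raise ValueError(f"malformed status line: {status_line!r}")
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    declared = headers.get("content-length")
    if declared is not None and int(declared) != len(body):
        raise ValueError("Content-Length does not match the body length")
    return {
        "version": fields[0],
        "status": int(fields[1]),
        "reason": fields[2] if len(fields) > 2 else "",
        "headers": headers,
        "body": body,
    }


def connection_persists(response):
    """HTTP/1.1 keeps the connection open unless 'Connection: close' is sent;
    HTTP/1.0 closes it unless 'Connection: keep-alive' is sent."""
    token = response["headers"].get("connection", "").lower()
    if response["version"] == "HTTP/1.0":
        return token == "keep-alive"
    return token != "close"


# Constructed server reply used to exercise the parser offline.
SAMPLE_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Server: demo/1.0\r\n"
    b"Content-Type: text/html; charset=utf-8\r\n"
    b"Content-Length: 28\r\n"
    b"Connection: keep-alive\r\n"
    b"\r\n"
    b"<html><body>hi</body></html>"
)

if __name__ == "__main__":
    addr = resolve_address("http://www.lydms.com:8080/index.htm")
    print(addr)
    print(build_request(addr, keep_alive=True).decode())
    reply = parse_response(SAMPLE_RESPONSE)
    print(reply["status"], reply["reason"], "persistent:", connection_persists(reply))
```

Running the script prints the decomposed address from the text, the request packet it produces (with `Host: www.lydms.com:8080` because 8080 is not the default port) and the parsed status of the constructed reply.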

HTTPS

HTTPS (Hypertext Transfer Protocol over Secure Socket Layer) is an HTTP channel built with security as its goal; simply put, it is the secure version of HTTP. An SSL layer is added beneath HTTP, so the security of HTTPS rests on SSL. The port number used is 443. The process is roughly as follows:

The relationship between SSL/TLS

SSL is the abbreviation of "Secure Sockets Layer".

It was designed by Netscape in the mid-1990s. Why was the SSL protocol invented?

Because the original HTTP protocol used on the Internet is plaintext, it has many shortcomings: for example, the transmitted content can be eavesdropped on and tampered with. The SSL protocol was invented to solve these problems.

By 1999 SSL had become the de facto standard on the Internet because of its wide adoption, and the IETF standardized it that year. After standardization the name was changed to TLS (short for "Transport Layer Security").

Many people refer to the two together (SSL/TLS) because they can be regarded as different stages of the same thing.

Establish a connection to obtain a certificate

The SSL client establishes a TCP connection to the server (port 443) and requests a certificate during the connection negotiation (handshake).

That is, the client sends a message to the server containing a list of the algorithms it supports and some other required information. The SSL server answers with a packet that fixes the algorithms to be used for this session, and then returns its certificate to the client. (The certificate contains server information: the domain name, the organization that applied for the certificate, and the public key.)

Certificate verification

After the client receives the certificate returned by the server, it identifies the certificate authority that issued it and uses that authority's public key to confirm that the signature is valid. The client also checks that the domain name listed in the certificate is the domain name it is connecting to.

Data encryption and transmission

If the certificate is confirmed valid, the client generates a symmetric key, encrypts it with the server's public key and sends it to the server; the server decrypts it with its private key, after which the two computers communicate using symmetric encryption.
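The certificate checks from the two previous sections, written out as an added example (Python standard library only; not code from the original post). In practice the TLS library performs them during the handshake, so the first function simply configures Python's `ssl` module to enforce them; the remaining functions make the name-matching and validity-window logic visible on a constructed certificate dict in the shape `getpeercert()` returns. The issuer allow-list is a stand-in for the CA signature check, which the library performs over the real chain. One caveat on the last step of the text: TLS 1.3 no longer encrypts the symmetric key with the server's public key; the session key comes from an ephemeral Diffie-Hellman exchange and the certificate's key only signs the handshake, which is why the certificate checks below are what actually ties the session to the server's identity.

```python
"""Server-certificate checks of an HTTPS client (added example; not from the original post).

The certificate dict below is constructed in the shape ssl's getpeercert() returns;
it is not a real certificate, and "Example Trusted CA" is a made-up issuer.
"""
import socket
import ssl


def hardened_client_context():
    """Client context that enforces the verification described in the text."""
    ctx = ssl.create_default_context()            # loads the system CA store
    ctx.verify_mode = ssl.CERT_REQUIRED           # server must present a chain to a trusted CA
    ctx.check_hostname = True                     # certificate name must match the host dialled
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse SSL 3 / TLS 1.0 / TLS 1.1
    return ctx


def fetch_peer_certificate(host, port=443):
    """Handshake with a real server and return its certificate (needs network access)."""
    ctx = hardened_client_context()
    with socket.create_connection((host, port), timeout=10) as tcp:
        with ctx.wrap_socket(tcp, server_hostname=host) as tls:
            return tls.getpeercert()


def as_epoch(cert_time):
    """Parse a certificate timestamp such as 'Jan 10 00:00:00 2024 GMT' to epoch seconds."""
    return ssl.cert_time_to_seconds(cert_time)


def hostname_matches(cert, hostname):
    """Does the certificate name the host we are connecting to?
    Only subjectAltName dNSName entries count, and a wildcard may replace exactly
    one leftmost label (*.lydms.com covers www.lydms.com, not lydms.com or a.b.lydms.com)."""
    hostname = hostname.rstrip(".").lower()
    labels = hostname.split(".")
    for kind, name in cert.get("subjectAltName", ()):
        if kind != "DNS":
            continue
        name = name.lower()
        if name.startswith("*."):
            base = name[2:]
            if base.count(".") >= 1 and len(labels) >= 3 and ".".join(labels[1:]) == base:
                return True
        elif name == hostname:
            return True
    return False


def certificate_is_current(cert, now):
    """Reject certificates outside their validity window (now = epoch seconds)."""
    return as_epoch(cert["notBefore"]) <= now <= as_epoch(cert["notAfter"])


def verify_certificate(cert, hostname, now, trusted_issuers):
    """Return the list of problems a client would raise before trusting this server.
    The issuer allow-list stands in for the CA signature check the TLS library
    performs over the real chain; the other two checks are the real logic."""
    problems = []
    issuer = dict(item for group in cert.get("issuer", ()) for item in group)
    if issuer.get("organizationName") not in trusted_issuers:
        problems.append("issuer is not a trusted certificate authority")
    if not certificate_is_current(cert, now):
        problems.append("certificate is expired or not yet valid")
    if not hostname_matches(cert, hostname):
        problems.append(f"certificate does not name {hostname}")
    return problems


# Constructed certificate in getpeercert() dict form; not a real certificate.
SAMPLE_CERT = {
    "subject": ((("commonName", "www.lydms.com"),),),
    "issuer": ((("organizationName", "Example Trusted CA"),),),
    "subjectAltName": (("DNS", "www.lydms.com"), ("DNS", "*.lydms.com")),
    "notBefore": "Jan 10 00:00:00 2024 GMT",
    "notAfter": "Jan 10 00:00:00 2026 GMT",
}
TRUSTED_ISSUERS = {"Example Trusted CA"}  # constructed allow-list

if __name__ == "__main__":
    now = as_epoch("Jun 15 12:00:00 2025 GMT")
    for host in ("www.lydms.com", "mail.lydms.com", "lydms.com", "evil.example"):
        print(host, verify_certificate(SAMPLE_CERT, host, now, TRUSTED_ISSUERS))
```

With the clock set inside the validity window, `www.lydms.com` and `mail.lydms.com` pass (exact name and wildcard), while `lydms.com` fails because a wildcard cannot stand in for zero labels; moving the clock past `notAfter` adds the expiry problem. Against a live server, `fetch_peer_certificate` lets the library do all of this for you and raises `ssl.SSLCertVerificationError` on any failure.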

Origin blog.csdn.net/qq_32727095/article/details/114171852