1. HTTPS is added to the SSL layer, and the encryption process is as follows:
- The server returns the public key;
- The client generates a random private key by itself, encrypts it with the public key, and sends the encrypted private key;
- The client communicates with the server through the encrypted private key.
2. The difference between HTTP and HTTPS:
- HTTPS is more secure, but not absolutely secure, and most of the time it is powerless in the face of malicious attacks;
- HTTPS requires money to apply for a certificate;
- HTTPS connections are more time-consuming and have problems with caching;
Reference:
1. The difference between HTTP and HTTPS