23.10.2024

Administration

Security

What Is the HTTPS Protocol and How Does It Work

HTTPS (HyperText Transfer Protocol Secure) is the encrypted version of HTTP, combining the standard web transfer protocol with TLS (Transport Layer Security) to create an authenticated, encrypted channel between a client browser and a web server. Every byte of data transmitted over HTTPS is cryptographically protected, meaning neither passive eavesdroppers nor active man-in-the-middle attackers can read or silently modify the payload in transit.

In practical terms: when a browser connects to https://example.com, it first completes a TLS handshake that authenticates the server's identity via a signed certificate, negotiates a cipher suite, and derives symmetric session keys — all before a single byte of application data is exchanged. Only after that handshake succeeds does the HTTP request travel across the wire, fully encrypted.

HTTP vs. HTTPS: A Direct Comparison

Feature	HTTP	HTTPS
Protocol layer	Application (TCP/IP)	Application over TLS
Default port	80	443
Data encryption	None	AES-256-GCM or ChaCha20-Poly1305 (TLS 1.3)
Server authentication	None	X.509 certificate signed by a trusted CA
Data integrity	None	HMAC / AEAD cipher guarantees
SEO ranking signal	Neutral (penalized)	Positive ranking factor
Browser indicator	"Not Secure" warning	Padlock icon
Performance (HTTP/2, HTTP/3)	Limited support	Full support (requires TLS)
HSTS support	No	Yes
Susceptibility to MITM	High	Negligible when configured correctly

The TLS Handshake in Depth

Understanding the handshake is the foundation for diagnosing certificate errors, tuning server performance, and hardening security configurations. The process differs slightly between TLS 1.2 and TLS 1.3 — and the difference matters operationally.

TLS 1.2 Handshake (Legacy)

ClientHello — The browser sends supported cipher suites, TLS version, and a random nonce (client_random).
ServerHello — The server selects a cipher suite and sends its own nonce (server_random).
Certificate — The server transmits its X.509 certificate chain for the browser to validate against its trusted CA store.
ServerKeyExchange — For ephemeral Diffie-Hellman (ECDHE), the server sends its DH parameters signed with its private key.
ClientKeyExchange — The browser generates a pre-master secret, encrypts it with the server's public key (RSA) or computes a shared DH secret (ECDHE), and sends it.
ChangeCipherSpec / Finished — Both sides derive session keys from client_random, server_random, and the pre-master secret, then confirm with a Finished message.

Total round trips before data: 2 RTT.

TLS 1.3 Handshake (Current Standard)

TLS 1.3, standardized in RFC 8446, eliminates several legacy mechanisms and reduces latency significantly:

ClientHello — The browser includes its key share (ECDHE public value) immediately, alongside supported cipher suites. No RSA key exchange is permitted.
ServerHello + EncryptedExtensions + Certificate + CertificateVerify + Finished — The server responds in a single flight, already encrypting extensions and its certificate using a derived handshake key.
Client Finished — The browser verifies the server certificate and sends its Finished message. Application data can flow immediately after.

Total round trips before data: 1 RTT. With 0-RTT resumption (session tickets), returning visitors can send data on the very first packet — though this introduces replay-attack considerations that require careful server-side handling.

Key TLS 1.3 improvements over 1.2:

Removed RSA key exchange (no forward secrecy risk)
Removed MD5, SHA-1, RC4, DES, 3DES
Mandatory forward secrecy via ECDHE
Encrypted certificate transmission (reduces metadata leakage)
Faster handshake reduces page load time measurably on high-latency connections

Certificate Types and What They Actually Protect

Not all SSL/TLS certificates are equivalent. Choosing the wrong type is a common operational mistake.

Domain Validation (DV)

Issued within minutes by automated systems (e.g., Let's Encrypt). Proves the certificate holder controls the domain's DNS or web server. Provides full encryption but zero identity verification of the organization behind the domain. Suitable for blogs, personal projects, and internal tools.

Organization Validation (OV)

The CA manually verifies the legal existence of the organization. The certificate embeds the company name. Suitable for business websites and SaaS platforms where brand trust matters.

Extended Validation (EV)

The most rigorous vetting process. Historically displayed a green address bar with the company name in browsers; modern browsers have reduced this visual distinction, but EV certificates still embed verified legal entity information in the certificate itself. Suitable for financial institutions and high-value e-commerce.

Wildcard Certificates

A single certificate covers a domain and all its first-level subdomains (*.example.com). Critical caveat: a wildcard does not cover second-level subdomains (*.sub.example.com requires a separate wildcard). Compromise of a wildcard private key exposes all subdomains simultaneously — a significant blast radius.

Multi-Domain (SAN) Certificates

Subject Alternative Names (SANs) allow a single certificate to cover multiple distinct domains (example.com, example.net, shop.example.org). Ideal for hosting environments managing multiple properties from one server.

Why HTTPS Is Non-Negotiable in 2025

Encryption of Sensitive Data

Without TLS, every packet between a user and your server traverses potentially hostile network infrastructure — public Wi-Fi access points, ISP transparent proxies, and BGP-hijacked routes. Credentials, session tokens, payment data, and form submissions are all plaintext and trivially captured with tools like Wireshark. HTTPS eliminates this attack surface entirely.

Authenticated Server Identity

The certificate chain of trust prevents DNS spoofing and ARP poisoning attacks from silently redirecting users to a fraudulent server. When a browser validates a certificate, it confirms three things: the certificate was signed by a CA in its trusted store, the domain name matches the certificate's CN or SAN fields, and the certificate has not expired or been revoked (checked via OCSP or CRL).

Data Integrity via AEAD Ciphers

Modern TLS cipher suites use Authenticated Encryption with Associated Data (AEAD) — specifically AES-256-GCM or ChaCha20-Poly1305. These provide both confidentiality and integrity in a single operation. Any bit-flip or injection attempt during transit causes the MAC verification to fail, and the connection is immediately terminated. This prevents content injection attacks where ISPs or malicious intermediaries insert ads, tracking scripts, or malware into HTTP responses.

SEO and Ranking Signals

Google confirmed HTTPS as a ranking signal in 2014 and has progressively increased its weight. Beyond the direct ranking factor, Chrome's "Not Secure" warning on HTTP pages measurably increases bounce rates — a behavioral signal that indirectly suppresses rankings. HTTP/2 and HTTP/3 (QUIC), which deliver significant performance improvements, require TLS in all major browser implementations. Faster pages rank better; HTTPS is the prerequisite.

HSTS and Preloading

HTTP Strict Transport Security (Strict-Transport-Security header) instructs browsers to refuse all HTTP connections to a domain for a specified max-age period, even before a redirect occurs. Submitting your domain to the HSTS preload list hardcodes this behavior into browser binaries, eliminating the first-visit vulnerability window entirely.

Implementing HTTPS: A Production-Grade Walkthrough

Step 1: Obtain an SSL/TLS Certificate

Let's Encrypt (free, automated) is the standard choice for most deployments. Certbot is the reference ACME client:

sudo apt update && sudo apt install certbot python3-certbot-nginx -y
sudo certbot --nginx -d example.com -d www.example.com

For Apache:

sudo apt install certbot python3-certbot-apache -y
sudo certbot --apache -d example.com -d www.example.com

Certbot automatically modifies your virtual host configuration and sets up a cron job or systemd timer for renewal. Let's Encrypt certificates expire after 90 days; automated renewal runs every 60 days by default.

To test renewal without making changes:

sudo certbot renew --dry-run

For production environments requiring OV or EV certificates, purchase from a commercial CA (DigiCert, Sectigo, GlobalSign) and follow their manual issuance process. AlexHost's SSL Certificates page covers available options including both DV and commercial certificates.

Step 2: Install and Configure the Certificate on Your Web Server

Nginx example (/etc/nginx/sites-available/example.com):

server {
    listen 443 ssl http2;
    server_name example.com www.example.com;

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305';
    ssl_prefer_server_ciphers off;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 1d;
    ssl_session_tickets off;

    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
    add_header X-Frame-Options DENY;
    add_header X-Content-Type-Options nosniff;

    root /var/www/example.com;
    index index.php index.html;
}

Apache example (/etc/apache2/sites-available/example.com-ssl.conf):

<VirtualHost *:443>
    ServerName example.com
    ServerAlias www.example.com
    DocumentRoot /var/www/example.com

    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem

    SSLProtocol -all +TLSv1.2 +TLSv1.3
    SSLCipherSuite HIGH:!aNULL:!MD5
    SSLHonorCipherOrder off

    Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
</VirtualHost>

Step 3: Force HTTPS with a Permanent 301 Redirect

Nginx — add a separate server block:

server {
    listen 80;
    server_name example.com www.example.com;
    return 301 https://$host$request_uri;
}

Apache — in .htaccess or the HTTP virtual host:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Use 301 (permanent) rather than 302 (temporary). A 302 does not pass link equity and does not update browser caches, meaning users will continue hitting HTTP on every new session.

Step 4: Resolve Mixed Content

Mixed content occurs when an HTTPS page loads subresources (images, scripts, stylesheets, iframes) over HTTP. Browsers block or warn on mixed content, breaking page functionality and eliminating the security guarantees of HTTPS.

Detection: Open Chrome DevTools (F12), go to the Console tab, and look for Mixed Content warnings. Alternatively, use the SSL Labs Mixed Content Checker or the why-no-padlock.com tool.

Resolution strategies:

Update hardcoded http:// URLs in your CMS database using a search-replace tool (e.g., wp-cli search-replace 'http://example.com' 'https://example.com' for WordPress)
Set the Content-Security-Policy: upgrade-insecure-requests header as a temporary mitigation while you fix sources
Audit third-party embeds — if a vendor does not support HTTPS, replace or remove the embed

Step 5: Validate Your Configuration

# Test certificate chain and expiry
openssl s_client -connect example.com:443 -servername example.com < /dev/null

# Check TLS protocol versions and cipher suites
nmap --script ssl-enum-ciphers -p 443 example.com

For a comprehensive external audit, submit your domain to SSL Labs Server Test. An A+ rating requires:

TLS 1.2 and 1.3 only (TLS 1.0 and 1.1 disabled)
No weak cipher suites (RC4, 3DES, export ciphers)
HSTS header with max-age >= 180 days
No certificate chain issues (intermediate certificates included)
OCSP stapling enabled

Common Pitfalls and Edge Cases

Certificate chain incompleteness is the most frequent production issue. If you install only the leaf certificate without the intermediate CA certificate, most desktop browsers will still resolve the chain (they cache intermediates), but mobile browsers, API clients, and curl will fail with SSL_ERROR_RX_RECORD_TOO_LONG or unable to get local issuer certificate. Always use fullchain.pem (Let's Encrypt) or concatenate leaf + intermediate for other CAs.

OCSP stapling reduces handshake latency and improves privacy by having the server cache and serve the OCSP response rather than requiring the browser to contact the CA's OCSP responder. Without stapling, every TLS handshake triggers a third-party HTTP request, adding 50–200ms of latency on cold connections. Enable it in Nginx with ssl_stapling on; ssl_stapling_verify on;.

Private key security is frequently neglected. The private key file should be owned by root, readable only by the web server process, and stored with chmod 600 permissions. Never commit private keys to version control. On shared infrastructure, use hardware security modules (HSMs) or secrets management systems (HashiCorp Vault, AWS Secrets Manager) for key storage.

Wildcard certificate revocation has an outsized impact. If a wildcard private key is compromised and the certificate is revoked, every subdomain loses HTTPS simultaneously. For high-security environments, prefer per-subdomain certificates automated via ACME DNS-01 challenges.

TLS termination at the load balancer is a common architecture where TLS is decrypted at the edge (load balancer, CDN, reverse proxy) and traffic flows unencrypted internally. This is acceptable only if the internal network is fully trusted and isolated. For regulated environments (PCI-DSS, HIPAA), end-to-end encryption — re-encrypting traffic between the load balancer and backend servers — is required.

HTTPS on AlexHost Infrastructure

On a VPS Hosting environment, you have full root access to install Certbot, configure Nginx or Apache directly, and implement the hardened TLS settings described above. This is the recommended path for production workloads requiring custom cipher suites, HSTS preloading, and OCSP stapling.

For users on Shared Web Hosting, Let's Encrypt certificates are typically available through the control panel with one-click installation, handling certificate issuance and renewal automatically without SSH access.

If you manage multiple domains or run a reseller operation, VPS with cPanel provides a graphical interface for SSL management across all hosted domains, including AutoSSL for automatic Let's Encrypt provisioning.

For e-commerce deployments handling payment data, pairing HTTPS with a commercial OV or EV certificate from SSL Certificates provides the organizational identity verification that DV certificates cannot offer — relevant for PCI-DSS compliance audits.

If your infrastructure includes transactional or marketing email, note that HTTPS and SMTP/IMAP TLS are separate concerns. Securing your web presence does not automatically secure your mail infrastructure; that requires separate TLS configuration on your Email Hosting stack.

Decision Matrix and Technical Checklist

Use this checklist before marking an HTTPS migration complete:

Certificate

[ ] Certificate issued by a trusted CA (verify with openssl verify)
[ ] Full certificate chain installed (leaf + intermediates)
[ ] Certificate covers all served domains/subdomains (check SANs)
[ ] Expiry monitoring configured (alerting at 30 days and 7 days)
[ ] Automated renewal tested with --dry-run

Server Configuration

[ ] TLS 1.0 and 1.1 explicitly disabled
[ ] TLS 1.3 enabled
[ ] Weak cipher suites removed (RC4, 3DES, NULL, EXPORT)
[ ] OCSP stapling enabled and verified
[ ] ssl_session_tickets off (prevents session ticket key rotation issues)

Application Layer

[ ] All internal links use relative URLs or https://
[ ] No mixed content warnings in browser console
[ ] Content-Security-Policy: upgrade-insecure-requests header set
[ ] 301 redirects from HTTP to HTTPS on all hostnames

Security Headers

[ ] Strict-Transport-Security header with max-age >= 31536000
[ ] includeSubDomains directive added (after verifying all subdomains support HTTPS)
[ ] Domain submitted to HSTS preload list (optional but recommended)

Validation

[ ] SSL Labs Server Test returns A or A+
[ ] openssl s_client confirms correct certificate chain
[ ] Renewal cron/systemd timer confirmed active

FAQ

Does HTTPS protect against all types of cyberattacks?

No. HTTPS encrypts the transport layer and authenticates the server, but it does not protect against application-layer vulnerabilities (SQL injection, XSS, CSRF), compromised server-side code, or attacks targeting the authenticated user's device. A phishing site can obtain a valid DV certificate and display a padlock — HTTPS confirms the connection is encrypted, not that the site is trustworthy.

What is the performance impact of enabling HTTPS?

With TLS 1.3 and HTTP/2, the overhead is negligible on modern hardware. The TLS handshake adds one additional round trip on first connection (zero on resumption with session tickets or 0-RTT). AES-NI hardware acceleration, available on virtually all server CPUs since 2010, handles symmetric encryption at line speed. In practice, HTTPS sites often load faster than HTTP equivalents because HTTP/2 multiplexing and header compression — which require TLS in browsers — outweigh the handshake cost.

What happens when an SSL/TLS certificate expires?

Browsers immediately display a full-page warning blocking access to the site. API clients and mobile apps typically fail with a hard error rather than a warning. Search engine crawlers may still index the site but will flag the certificate error. Automated renewal via Certbot or ACME prevents expiry; the critical operational requirement is ensuring the renewal cron job or systemd timer is running and that renewal alerts are configured.

What is the difference between TLS and SSL?

SSL (Secure Sockets Layer) is the predecessor protocol, with versions 2.0 and 3.0 both now deprecated and prohibited by RFC 7568 due to critical vulnerabilities (POODLE, DROWN). TLS (Transport Layer Security) is the successor, with TLS 1.2 (RFC 5246) and TLS 1.3 (RFC 8446) being the only versions considered secure. The term "SSL certificate" persists colloquially, but the actual protocol in use on any modern server is TLS. Configuring a server to allow SSLv3 is a misconfiguration, not a compatibility feature.

Can I use HTTPS on a domain I do not own?

No. Certificate Authorities validate domain control before issuance. The ACME protocol (used by Let's Encrypt) requires you to either place a specific file at a known HTTP path (HTTP-01 challenge) or create a specific DNS TXT record (DNS-01 challenge) to prove control. Without passing one of these challenges, no certificate will be issued for a domain you do not control.

Save 15% on All Hosting Services