Cisco Web Security Appliance S690 User Guide

IronPort AsyncOS 6.3 for Web User Guide
HTTPS Basics
HTTPS is a web protocol that acts as a secure form of HTTP. HTTPS is secure because the 
HTTP request and response data is encrypted before it is sent across the network. HTTPS 
works similarly to HTTP, except that the HTTP layer is sent on top of a security layer using 
either Secure Sockets Layer (SSL) or Transport Layer Security (TLS). SSL and TLS are very 
similar, so this User Guide uses “SSL” to refer to both SSL and TLS, unless otherwise specified.
Figure 10-1 shows the different OSI network layers for HTTPS and HTTP. It shows that HTTPS 
is the HTTP protocol at the application layer over SSL or TLS at the security layer.
Figure 10-1 HTTPS and HTTP OSI Layers
The URL typically determines whether the client application should use HTTP or HTTPS to 
contact a server:
• http://servername. The client application opens a connection to the server on port 80 by 
default and sends HTTP commands in plaintext.
• https://servername. The client application opens a connection to the server on port 443 
by default and starts to engage in the SSL “handshake” to establish a secure connection 
between the client and server. Once the secure connection is established, the client 
application sends encrypted HTTP commands. For more information about the SSL 
handshake, see “SSL Handshake” on page 186.
SSL Handshake
The SSL “handshake” is a set of steps a client and server engage in using the SSL protocol to 
establish a secure connection between them. The client and server must complete the 
following steps before they can send and receive encrypted HTTP messages:
1. Exchange protocol version numbers. Both sides must verify they can communicate with 
compatible versions of SSL or TLS.
2. Choose a cipher that each side knows. First, the client advertises which ciphers it supports 
and requests the server to send its certificate. Then, the server chooses the strongest cipher 
from the list and sends the client the chosen cipher and its digital certificate.
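As an added example (not from the Cisco guide), the two handshake steps above modelled in Python: a constructed ClientHello record is parsed for the client's protocol version and the cipher suites it advertises, then the server-side decisions of step 1 (version check) and step 2 (strongest mutually supported cipher) are applied. The version numbers and cipher suite IDs are the standard TLS values; the server preference list is an assumption made for the example.

```python
import struct

TLS1_0, TLS1_2 = 0x0301, 0x0303          # protocol version numbers exchanged in step 1
# Cipher suite IDs (IANA): 0xC02F ECDHE-RSA-AES128-GCM-SHA256, 0xC013 ECDHE-RSA-AES128-SHA,
# 0x002F RSA-AES128-SHA, 0x0005 RSA-RC4-128-SHA (not in the server list below).
SERVER_PREFERENCE = [0xC02F, 0xC013, 0x002F]  # assumed server preference, strongest first

def build_client_hello(client_version, cipher_suites):
    """Construct a minimal ClientHello record (handshake type 1) so the example runs offline."""
    body = struct.pack("!H", client_version) + b"\x00" * 32       # client_version + 32-byte random
    body += b"\x00"                                                # session_id: empty
    body += struct.pack("!H", 2 * len(cipher_suites))
    body += b"".join(struct.pack("!H", cs) for cs in cipher_suites)  # suites the client advertises
    body += b"\x01\x00"                                            # compression_methods: null only
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake  # record type 22

def parse_client_hello(record):
    """Return (client_version, [cipher suite IDs]) from a ClientHello record; raise if malformed."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack("!H", record[3:5])[0]
    handshake = record[5:5 + rec_len]
    if len(handshake) < 4 or handshake[0] != 0x01:
        raise ValueError("not a ClientHello")
    body_len = int.from_bytes(handshake[1:4], "big")
    body = handshake[4:4 + body_len]
    if len(body) != body_len or body_len < 35:
        raise ValueError("truncated ClientHello")
    client_version = struct.unpack("!H", body[0:2])[0]
    pos = 34 + 1 + body[34]                                        # skip version, random, session_id
    if pos + 2 > len(body):
        raise ValueError("truncated cipher_suites length")
    cs_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    if cs_len % 2 or pos + cs_len > len(body):
        raise ValueError("bad cipher_suites length")
    suites = [struct.unpack("!H", body[i:i + 2])[0] for i in range(pos, pos + cs_len, 2)]
    return client_version, suites

def negotiate_version(client_version, server_min=TLS1_0, server_max=TLS1_2):
    """Step 1: agree on a version, or None when the client is below the server's floor."""
    return min(client_version, server_max) if client_version >= server_min else None

def choose_cipher(offered, preference=SERVER_PREFERENCE):
    """Step 2: the server picks the strongest suite it supports from what the client offered."""
    return next((cs for cs in preference if cs in offered), None)
```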
Figure 10-1 (diagram): the HTTPS stack, top to bottom, is HTTP (application layer), SSL or TLS (security layer), TCP (transport layer), IP (network layer), and network interfaces (data link layer). The HTTP stack is the same without the security layer: HTTP, TCP, IP, and network interfaces.