Cisco Cisco Web Security Appliance S190 Guía Del Usuario
Chapter 10 Decryption Policies
HTTPS Basics
10-8
Cisco IronPort AsyncOS 7.0 for Web User Guide
OL-23079-01
HTTPS Basics
HTTPS is a web protocol that acts as a secure form of HTTP. HTTPS is secure
because the HTTP request and response data is encrypted before it is sent across
the network. HTTPS works similarly to HTTP, except that the HTTP layer is sent
on top of a security layer using either Secure Sockets Layer (SSL) or Transport
Layer Security (TLS). SSL and TLS are very similar, so this User Guide uses
“SSL” to refer to both SSL and TLS, unless otherwise specified.
because the HTTP request and response data is encrypted before it is sent across
the network. HTTPS works similarly to HTTP, except that the HTTP layer is sent
on top of a security layer using either Secure Sockets Layer (SSL) or Transport
Layer Security (TLS). SSL and TLS are very similar, so this User Guide uses
“SSL” to refer to both SSL and TLS, unless otherwise specified.
shows the different OSI network layers for HTTPS and HTTP. It
shows that HTTPS is the HTTP protocol at the application layer over SSL or TLS
at the security layer.
at the security layer.
Figure 10-1
HTTPS and HTTP OSI Layers
Network interfaces
IP
TCP
SSL or TLS
HTTP
Application layer
Security layer
Transport layer
Network layer
Data link layer
Network interfaces
IP
TCP
HTTP
Application layer
Transport layer
Network layer
Data link layer
HTTP
HTTPS
The URL typically determines whether the client application should use HTTP or
HTTPS to contact a server:
HTTPS to contact a server:
•
http://servername. The client application opens a connection to the server on
port 80 by default and sends HTTP commands in plaintext.
port 80 by default and sends HTTP commands in plaintext.
•
https://servername. The client application opens a connection to the server
on port 443 by default and starts to engage in the SSL “handshake” to
establish a secure connection between the client and server. Once the secure
connection is established, the client application sends encrypted HTTP
commands. For more information about the SSL handshake, see
on port 443 by default and starts to engage in the SSL “handshake” to
establish a secure connection between the client and server. Once the secure
connection is established, the client application sends encrypted HTTP
commands. For more information about the SSL handshake, see
.