Stack Overflow
Stack Overflow

Questions tagged [https]

Hypertext Transfer Protocol Secure (HTTPS) is a combination of the Hypertext Transfer Protocol with the SSL/TLS protocol to provide encrypted communication and secure identification of a network web server.

Hypertext Transfer Protocol Secure () is a widely used communications protocol for secure communication over a computer network, with especially wide deployment on the Internet.

Technically, it is not a protocol in itself; rather, it is the result of simply putting SSL/TLS between Hypertext Transfer Protocol () and , thus adding the security capabilities of / to standard communications.

  • HTTP: HTTP | TCP | lower-layer-protocols
  • HTTPS: HTTP | TLS/SSL | TCP | lower-layer-protocols

HTTP uses the client/server computing model (), where a client makes a request of a server for access to a file or to pass a message to a program that runs in the server computer. The server takes the requested action and returns a response.

See the tag for more information on Transport Layer Security () and its predecessor, Secure Sockets Layer ().

Resources

22980 questions
1680
votes
29 answers

How do we control web page caching, across all browsers?

Our investigations have shown us that not all browsers respect the HTTP cache directives in a uniform manner. For security reasons we do not want certain pages in our application to be cached, ever, by the web browser. This must work for at least…
Edward Wilde
  • 23,831
  • 8
  • 52
  • 64
1325
votes
33 answers

Android 8: Cleartext HTTP traffic not permitted

I had reports from users with Android 8 that my app (that uses back-end feed) does not show content. After investigation I found following Exception happening on Android 8: 08-29 12:03:11.246 11285-11285/ E/: [12:03:11.245, main]: Exception:…
david.s
  • 13,440
  • 3
  • 11
  • 10
1133
votes
14 answers

Are HTTPS URLs encrypted?

Are all URLs encrypted when using TLS/SSL (HTTPS) encryption? I would like to know because I want all URL data to be hidden when using TLS/SSL (HTTPS). If TLS/SSL gives you total URL encryption then I don't have to worry about hiding confidential…
Daniel Kivatinos
  • 21,262
  • 23
  • 57
  • 81
749
votes
17 answers

How can I make git accept a self signed certificate?

Using Git, is there a way to tell it to accept a self signed certificate? I am using an https server to host a git server but for now the certificate is self signed. When I try to create the repo there for the first time: git push origin master…
Ian Vink
  • 60,720
  • 99
  • 311
  • 535
675
votes
8 answers

Are HTTPS headers encrypted?

When sending data over HTTPS, I know the content is encrypted, however I hear mixed answers about whether the headers are encrypted, or how much of the header is encrypted. How much of HTTPS headers are encrypted? Including GET/POST request URLs,…
Dan Herbert
  • 90,244
  • 46
  • 174
  • 217
498
votes
7 answers

Enabling HTTPS on express.js

I'm trying to get HTTPS working on express.js for node, and I can't figure it out. This is my app.js code. var express = require('express'); var fs = require('fs'); var privateKey = fs.readFileSync('sslcert/server.key'); var certificate =…
Alan
  • 42,055
  • 16
  • 107
  • 130
492
votes
26 answers

Resolving javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed Error?

Edit :- Tried to format the question and accepted answer in more presentable way at mine Blog Here is the original issue. I am getting this error: detailed message sun.security.validator.ValidatorException: PKIX path building failed: …
M Sach
  • 30,322
  • 72
  • 198
  • 300
406
votes
22 answers

Trusting all certificates using HttpClient over HTTPS

Recently posted a question regarding the HttpClient over Https (found here). I've made some headway, but I've run into new issues. As with my last problem, I can't seem to find an example anywhere that works for me. Basically, I want my client to…
harrisonlee
  • 4,798
  • 4
  • 18
  • 20
390
votes
4 answers

Are querystring parameters secure in HTTPS (HTTP + SSL)?

Do querystring parameters get encrypted in HTTPS when sent with a request?
Deep
  • 4,936
  • 2
  • 23
  • 31
385
votes
6 answers

Why does GitHub recommend HTTPS over SSH?

On the GitHub site there is a link... https://help.github.com/articles/generating-ssh-keys ... and it states... If you have decided not to use the recommended HTTPS method, we can use SSH keys to establish a secure connection between your…
John Livermore
  • 26,237
  • 38
  • 112
  • 191
380
votes
9 answers

Is an HTTPS query string secure?

I am creating a secure web based API that uses HTTPS; however, if I allow the users to configure it (include sending password) using a query string will this also be secure or should I force it to be done via a POST?
John
  • 27,040
  • 17
  • 82
  • 121
376
votes
22 answers

HTTP vs HTTPS performance

Are there any major differences in performance between http and https? I seem to recall reading that HTTPS can be a fifth as fast as HTTP. Is this valid with the current generation webservers/browsers? If so, are there any whitepapers to support…
Jim Geurts
  • 19,124
  • 23
  • 91
  • 105
373
votes
10 answers

How to create an HTTPS server in Node.js?

Given an SSL key and certificate, how does one create an HTTPS service?
murvinlai
  • 43,517
  • 50
  • 120
  • 169
369
votes
15 answers

Why am I suddenly getting a "Blocked loading mixed active content" issue in Firefox?

This morning, upon upgrading my Firefox browser to the latest version (from 22 to 23), some of the key aspects of my back office (website) stopped working. Looking at the Firebug log, the following errors were being reported: Blocked loading mixed…
Appulus
  • 17,551
  • 10
  • 33
  • 43
1
2 3
99 100