Stack Overflow
Stack Overflow

Questions tagged [https]

Hypertext Transfer Protocol Secure (HTTPS) is a combination of the Hypertext Transfer Protocol with the SSL/TLS protocol to provide encrypted communication and secure identification of a network web server.

Hypertext Transfer Protocol Secure () is a widely used communications protocol for secure communication over a computer network, with especially wide deployment on the Internet.

Technically, it is not a protocol in itself; rather, it is the result of simply putting SSL/TLS between Hypertext Transfer Protocol () and , thus adding the security capabilities of / to standard communications.

  • HTTP: HTTP | TCP | lower-layer-protocols
  • HTTPS: HTTP | TLS/SSL | TCP | lower-layer-protocols

HTTP uses the client/server computing model (), where a client makes a request of a server for access to a file or to pass a message to a program that runs in the server computer. The server takes the requested action and returns a response.

See the tag for more information on Transport Layer Security () and its predecessor, Secure Sockets Layer ().

Resources

25003 questions
262
votes
18 answers

Accept server's self-signed ssl certificate in Java client

It looks like a standard question, but I couldn't find clear directions anywhere. I have java code trying to connect to a server with probably self-signed (or expired) certificate. The code reports the following error : [HttpMethodDirector] I/O…
Nikita Rybak
  • 67,365
  • 22
  • 157
  • 181
255
votes
4 answers

What is the difference between Digest and Basic Authentication?

What is the difference between Digest and Basic Authentication ?
Dot Freelancer
  • 4,083
  • 3
  • 28
  • 50
254
votes
8 answers

Force SSL/https using .htaccess and mod_rewrite

How can I force to SSL/https using .htaccess and mod_rewrite page specific in PHP.
Sanjay Shah
  • 2,809
  • 2
  • 19
  • 20
251
votes
10 answers

How to force HTTPS using a web.config file

I have searched around Google and StackOverflow trying to find a solution to this, but they all seem to relate to ASP.NET etc. I usually run Linux on my servers but for this one client I am using Windows with IIS 7.5 (and Plesk 10). This being the…
Ben Carey
  • 16,540
  • 19
  • 87
  • 169
250
votes
3 answers

Will web browsers cache content over https

Will content requested over https still be cached by web browsers or do they consider this insecure behaviour? If this is the case is there anyway to tell them it's ok to cache?
slashnick
  • 26,167
  • 10
  • 55
  • 67
248
votes
7 answers

Can I change all my http:// links to just //?

Dave Ward says, It’s not exactly light reading, but section 4.2 of RFC 3986 provides for fully qualified URLs that omit protocol (the HTTP or HTTPS) altogether. When a URL’s protocol is omitted, the browser uses the underlying document’s protocol…
a paid nerd
  • 30,702
  • 30
  • 134
  • 179
229
votes
23 answers

Automatic HTTPS connection/redirect with node.js/express

I've been trying to get HTTPS set up with a node.js project I'm working on. I've essentially followed the node.js documentation for this example: // curl -k https://localhost:8000/ var https = require('https'); var fs = require('fs'); var options…
Jake
  • 5,379
  • 6
  • 19
  • 19
227
votes
10 answers

How to get Chrome to allow mixed content?

Chrome browser by default is blocking mixed content. How do I adjust my settings/configuration to allow mixed content without making any adjustments on the UI every time? I have found two solutions but neither of them work: Several articles say you…
Trant
  • 3,461
  • 6
  • 35
  • 57
219
votes
17 answers

Unrecognized SSL message, plaintext connection? Exception

I have a java complied package to speak with the https server on net. Running the compilation gives the following exception: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection? at…
karthi
  • 2,762
  • 4
  • 30
  • 28
217
votes
16 answers

How do I allow HTTPS for Apache on localhost?

I was asked to set up HTTPS with a self-signed cert on Apache on localhost, but how do I actually do that? I have no idea at all.
KennC.
  • 3,315
  • 6
  • 20
  • 18
213
votes
6 answers

How to do a https request with bad certificate?

Say I want to get https://golang.org programatically. Currently golang.org (ssl) has a bad certificate which is issued to *.appspot.com So when I run this: package main import ( "log" "net/http" ) func main() { _, err :=…
topskip
  • 16,207
  • 15
  • 67
  • 99
213
votes
28 answers

How to find out if you're using HTTPS without $_SERVER['HTTPS']

I've seen many tutorials online that says you need to check $_SERVER['HTTPS'] if the server is connection is secured with HTTPS. My problem is that on some of the servers I use, $_SERVER['HTTPS'] is an undefined variable that results in an error. Is…
Tyler Carter
  • 60,743
  • 20
  • 130
  • 150
211
votes
15 answers

Best way in asp.net to force https for an entire site?

About 6 months ago I rolled out a site where every request needed to be over https. The only way at the time I could find to ensure that every request to a page was over https was to check it in the page load event. If the request was not over…
codethrift
  • 2,337
  • 4
  • 17
  • 16
210
votes
14 answers

How do I fix certificate errors when running wget on an HTTPS URL in Cygwin?

For example, running wget https://www.dropbox.com results in the following errors: ERROR: The certificate of `www.dropbox.com' is not trusted. ERROR: The certificate of `www.dropbox.com' hasn't got a known issuer.
Russell Davis
  • 8,319
  • 4
  • 40
  • 41
198
votes
12 answers

https connection using CURL from command line

I am new to Curl and Cacerts world and facing a problem while connecting to a server. Basically, I need to test connectivity over https from one machine to another machine. I have a URL to which I need to connect from Machine A (a linux machine) I…
user1270392
  • 2,981
  • 4
  • 21
  • 25
1 2
3
99 100