Introduction to SSL and TLS

Question 1

what is HTTPS?

Answer 1

HTTPS is the secure version of HTTP. All data that is sent over with HTTPS is encrypted

Question 2

what is 301 HTTP redirect response code?

Answer 2

A 301 redirect signals a permanent move from one URL to another, meaning the page in question has moved location.
Often this is used when we redirect HTTP URLs to HTTPS URLs

Question 3

When you see wildcards like * in the domain name of the certificate , eg like in attached screenshot what does it mean? eg. *.google.com

Answer 3

It means the certificate is for google.com and all its sub domains.

Question 4

What is fingerprint in a certificate? eg. SHA1 and SHA256?

Answer 4

1. Fingerprints are called hashes of the certificates
2. Used to check the integrity of the certificate
3. Every certificate has fingerprint and they are used to check the integrity of the certificate

Question 5

What does this inspect of a web page tell you , specifically what is that schema column?

Answer 5

It shows the different images, JS files and docs that were downloaded for this web page , and schema shows they were all downloaded using HTTPS schema.
The Domain column shows the domain where each file was downloaded from.

Question 6

What is a website?

Answer 6

A website is a different set of images or files that are downloaded from different domains

Question 7

What does this page show you

Answer 7

THis shows the requests and the size. Which means to load that particular web page, 30 requests were sent and the size of images and files that were downloaded are 1.76 Mb

Question 8

When using HTTPS, what extra header layer do you see in the packet capture?

Answer 8

We will see TLS layer after the TCP layer

Question 9

How is HTTP sent over TLS safe?

Answer 9

data sent over TLS is fully encrypted

Question 10

How is HTTPS and TLS related?

Answer 10

In HTTPS, all data is sent using TLS protocol, and TLS is responsible for encryption of data that is sent over it