What is HTTPS?
HTTP, the Hypertext Transfer Protocol, is the language or "protocol" that all web browsers speak when talking to web servers. And SSL, which stands for Secure Sockets Layer, is a protocol that provides secure communication. When two programs talk to each other using HTTP, but do it using SSL's secure communications instead of talking "in the clear," they are speaking HTTPS.

When two programs communicate via HTTPS, they need a way to verify each other's identity and agree on a method of encryption. They do this via SSL certificates.

HTTPS URLs can be recognized by the additional s after http. By default, HTTPS communication happens on TCP/IP port number 443 instead of port 80.


What is an SSL certificate?
An SSL certificate is a means by which web servers prove their identity to web browsers, allowing a secure site to communicate privately with the web browser via the HTTPS protocol.

An SSL certificate is digitally "signed" by a certificate authority, such as GoDaddy or Thawte, that web browsers already trust. This allows the web browser to verify the identity of a secure site before sending private personal information, such as bank account or credit card numbers. Webmasters can purchase certificates from the certificate authorities, which verify the webmaster's identity to varying degrees.