Implementing an SSL certificate

HTTP web traffic sent between the server and browser is sent unencrypted in the clear text, which is a security risk since a third party can potentially hijack the traffic and read the data, which may contain sensitive information such as names, addresses, and bank details.

When we implement a Secure Socket Layer (SSL) certificate and use an HTTP Secure (HTTPS) endpoint, the traffic is encrypted, making it difficult to steal by a third party (although not impossible—look up the man-in-the-middle attack and brute force attack; the former is associated with hackers and the latter with government agencies that have super computers!).

Using HTTPS has a performance impact as every connection made has an initial handshake ...

Get Learning Microsoft Azure now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.