Securing your website using HTTPS is becoming increasingly important. The browser makers have started issuing warnings for HTTP-only websites, for example, and the search engines are downgrading such sites in search rankings. Privacy concerns dictate the encryption of all traffic sent over the internet. Phishing attacks luring victims to fake websites filled with malware dictate we have a mechanism to robustly identify website ownership.
HTTPS is simply HTTP run through TLS/SSL, which is an internet protocol for encrypted connections. The encryption keys are stored in a trusted Public Key Infrastructure (PKI) with encrypted certificates for validating websites. With a correctly issued certificate, HTTPS validates the domain so that our users have some assurance they've visited a valid website, and that their data transfers are encrypted to prevent (casual) eavesdropping. That green button in the browser location bar is meant to reassure our visitors that...