HTTPS (Hypertext Transfer Protocol over Secure Socket Layer, or HTTP over SSL) is a Web protocol developed by Netscape and built into browser applications that encrypts and decrypts user page requests as well as the pages that are returned by the Web server. HTTPS doesn't specify one specific encryption algorithm, or cipher, to use. The client and server can negotiate on what to use. For instance, in an Apache web server config for an HTTPS vhost, you have this setting: <pre> ## SSL Cipher Suite: # List the ciphers that the client is permitted to negotiate. # See the mod_ssl documentation for a complete list. SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL </pre>

HTTPS (Hypertext Transfer Protocol over Secure Socket Layer, or HTTP over SSL) is a Web protocol developed by Netscape and built into browser applications that encrypts and decrypts user page requests as well as the pages that are returned by the Web server. HTTPS doesn't specify one specific encryption algorithm, or cipher, to use. The client and server can negotiate on what to use. For instance, in an Apache web server config for an HTTPS vhost, you have this setting: <pre> ## SSL Cipher Suite: # List the ciphers that the client is permitted to negotiate. # See the mod_ssl documentation for a complete list. SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL </pre>