Https add an encryption layer on top of http. Except that, they are the same. Also, https provide a way to make sure the website is who he claims to be and not a random hacker website pretending to be it.
Whatever you do on https it’s encrypted end to end and cannot be read by somebody in the middle.
For example, if you login to a webpage with http your password will be sent in clear text and possibly read by somebody in the middle (your internet provider, your company, any other network in between …) while on https that same password is encrypted before it leaves your browser and it’s safe until it reaches the server, where is decrypted
It works with a chain of certificates approved by some authorities that your browser trust, so that beside encryption you can also trust that the website you are connecting to is actually who it claims to be (of course, that require you trusting the web site certificate and chain of trust).
Https add an encryption layer on top of http. Except that, they are the same. Also, https provide a way to make sure the website is who he claims to be and not a random hacker website pretending to be it.
Whatever you do on https it’s encrypted end to end and cannot be read by somebody in the middle.
For example, if you login to a webpage with http your password will be sent in clear text and possibly read by somebody in the middle (your internet provider, your company, any other network in between …) while on https that same password is encrypted before it leaves your browser and it’s safe until it reaches the server, where is decrypted
It works with a chain of certificates approved by some authorities that your browser trust, so that beside encryption you can also trust that the website you are connecting to is actually who it claims to be (of course, that require you trusting the web site certificate and chain of trust).