Reputation: 8602
For example, when I request https://example.com, which uses a VeriSign CA.
My understanding is that there is the same verisign.ca file on the client and the server; when the client sends a request, the client uses that file to encrypt the request and sends it to the server, then the server uses the same VeriSign file to decrypt it?
Upvotes: 0
Views: 1103
Reputation: 2411
First we have to look at the TLS/SSL handshake to get an idea of how things work. It is illustrated nicely in this image:
Key Exchange
It seems like you mostly want to know how the encryption is handled during the request. Between steps 5 and 6 in the image above, there is a key exchange process that has to be followed. During this key exchange, both parties, i.e. the client and server, agree on a symmetrical key that will be used for the encryption of the data.
Encryption
During the key exchange phase above, the client generates a random key to be used for the symmetrical algorithm, previously decided on in the Hello phase of the handshake. The client then encrypts this key with the server's public key, and sends it on to the server. The server then goes and decrypts the key with its private key. Once that has taken place, both parties are happy that the handshake is complete and they both have the key to encrypt/decrypt the data.
Data
Since both the client and server have agreed on the key to be used to encrypt the data, the client requests a certain resource from the web server, encrypting the request, which is then decrypted on the server. The server then retrieves the resource, encrypts the message, and sends the data back so that the client can decrypt it.
Upvotes: 1
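The flow this answer describes, as an added example that is not part of the original post: the client wraps a random session key with the server's public key, the server unwraps it with its private key, and both sides then use that key for the data. The small textbook-RSA parameters and the SHA-256 XOR stream (standing in for a real cipher such as AES) are assumptions chosen so the code runs with the Python standard library only.

```python
import hashlib
import secrets

# Toy parameters (assumption, constructed for this example): two known Mersenne
# primes. Real keys are 2048+ bits and use padding; this is textbook RSA.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537

def server_keypair():
    """Return (public, private); only the public half is ever sent out."""
    n = P * Q
    d = pow(E, -1, (P - 1) * (Q - 1))  # private exponent stays on the server
    return (n, E), (n, d)

def client_wrap_key(public):
    """Client: pick a random session key and encrypt it to the public key."""
    n, e = public
    session_key = secrets.token_bytes(16)
    return session_key, pow(int.from_bytes(session_key, "big"), e, n)

def server_unwrap_key(private, wrapped):
    """Server: recover the session key using the private key."""
    n, d = private
    return pow(wrapped, d, n).to_bytes(16, "big")

def xor_stream(key, direction, data):
    """Toy symmetric cipher (stand-in for AES): XOR with a SHA-256 keystream.
    `direction` separates the two keystreams; the same call en/decrypts."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        block = key + direction + counter.to_bytes(4, "big")
        stream += hashlib.sha256(block).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def demo():
    public, private = server_keypair()
    client_key, wrapped = client_wrap_key(public)       # sent over the wire
    server_key = server_unwrap_key(private, wrapped)
    request = xor_stream(client_key, b"c2s", b"GET / HTTP/1.1")
    reply = xor_stream(server_key, b"s2c", b"HTTP/1.1 200 OK")
    return (client_key == server_key,
            xor_stream(server_key, b"c2s", request),    # server reads request
            xor_stream(client_key, b"s2c", reply))      # client reads reply

if __name__ == "__main__":
    print(demo())
```

TLS 1.3 no longer uses this RSA key transport and derives the session key from an ephemeral Diffie-Hellman exchange instead. In both designs the CA's role is to vouch for the server's public key through the certificate it signed.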