This session is a continuation of previous session, in which at the end we talked about the security flaw in HTTP, while using Apache web server. In this session, we are going to extend HTTP to HTTPS i.e., HTTP over SSL/TLS to achieve data confidentiality (using encryption), data integrity (using hashing and digital signatures) and client/server authentication (using digital certificates). This is implemented using Linux a2enmod and a2dismod commands to enable ssl module in apache web server.