In my application, I need to encrypt sensitive data on the client side using AES and then send it securely to the server for processing. However, I’m unsure how to manage the key exchange securely over HTTPS. I understand that HTTPS already provides encryption, but I want an additional layer with AES encryption for extra security.
Could someone explain the best way to perform secure key exchange in this setup?