SSL – Secure Sockets Layer
TLS – Transport Layer Security
What is SSL/TLS?
SSL is a protocol that encrypts data transmitted between computers.
TLS is the newer and more secure version of SSL.
SSL provides multiple layers of protection by encrypting data sent between the server and the end user.
When you see HTTPS in a website address, it means that some form of SSL/TLS encryption is being used.
The SSL Handshake
When you visit a secure website, your browser and the website’s server perform a handshake to establish a secure connection.
The browser sends a “Client Hello!” message to the server.
This includes details such as:
- Browser information
- Cipher settings
- Operating system
- Supported encryption algorithms
The server responds with a “Server Hello!” message.
It includes:
- Server details
- Selected encryption algorithm
- Digital SSL certificate containing:
  - Domain name
  - Certificate Authority (CA)
  - Public key (used for encryption)
The browser checks if the server’s SSL certificate is valid and issued by a trusted Certificate Authority (CA).
Certificate Authority (CA) — The organization that signs or vouches for an SSL certificate’s authenticity.
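To see what a Client Hello actually carries, the following added example (not code from the original post) uses Python's standard `ssl` module to generate a real Client Hello in memory, with no network connection, and parses its plaintext fields: the client random, the offered cipher suites, and the requested server name. The hostname `example.test` and the function names are assumptions made for the illustration.

```python
import ssl
import struct

def build_client_hello(server_name):
    """Drive a real TLS client offline; return (ClientHello record, suite names)."""
    ctx = ssl.create_default_context()  # default client: cert + hostname checks on
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname=server_name)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: ClientHello is written, client now waits for ServerHello
    # OpenSSL cipher ids carry the 2-byte wire code in their low 16 bits
    names = {c["id"] & 0xFFFF: c["name"] for c in ctx.get_ciphers()}
    return outgoing.read(), names

def parse_client_hello(record, names):
    """Parse the plaintext fields of one TLS record holding a ClientHello."""
    rec_type, _version, rec_len = struct.unpack("!BHH", record[:5])
    msg_type, body = record[5], record[9:5 + rec_len]  # skip 4-byte handshake header
    pos = 2 + 32                          # legacy version + 32-byte client random
    client_random = body[2:pos]
    pos += 1 + body[pos]                  # session id (length-prefixed)
    (cs_len,) = struct.unpack("!H", body[pos:pos + 2])
    pos += 2
    codes = struct.unpack(f"!{cs_len // 2}H", body[pos:pos + cs_len])
    pos += cs_len
    pos += 1 + body[pos]                  # compression methods (length-prefixed)
    (ext_len,) = struct.unpack("!H", body[pos:pos + 2])
    pos, end, sni = pos + 2, pos + 2 + ext_len, None
    while pos < end:                      # walk the extension list
        ext_type, ext_size = struct.unpack("!HH", body[pos:pos + 4])
        if ext_type == 0:                 # server_name: list len(2), type(1), len(2), name
            sni = body[pos + 9:pos + 4 + ext_size].decode("ascii")
        pos += 4 + ext_size
    return {
        "record_type": rec_type, "handshake_type": msg_type,
        "random_len": len(client_random), "sni": sni,
        "cipher_suites": [names.get(c, f"0x{c:04x}") for c in codes],
    }

if __name__ == "__main__":
    record, names = build_client_hello("example.test")  # constructed hostname
    for key, value in parse_client_hello(record, names).items():
        print(key, "=", value)
```

The Client Hello is sent before any session key exists, so every field this script prints is readable on the wire.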
Session Key Exchange
If the certificate is valid:
The browser generates a random session key.
It encrypts this session key using the server’s public key (from the SSL certificate).
The encrypted session key is sent to the server.
The server decrypts it using its private key.
Then:
The server sends a “Finished” message to the browser.
The browser replies with its own “Finished” message — confirming the handshake.
Secure Connection Established
If both sides verify the messages successfully, a secure connection is established.
From this point on, all communication between your browser and the server is encrypted using the shared session key.
Final Thoughts
SSL/TLS protects your personal data, passwords, and payments from being intercepted.
It’s the reason why you can safely browse, shop, and communicate online every day.
Whenever you see the 🔒 lock icon next to a website, that’s SSL/TLS at work!