SSL Certificate works on a TCP (Transmission Control Protocol) protocol to send data over the internet. SSL follows a handshake process that sets up a secure connection without disturbing customers’ shopping experience. The SSL handshake process is as under:
- After building a TCP connection, the client started the handshake with sending information like SSL version, cipher suites, and compression method.
- The server then checks for the highest SSL version that is supported by both of them.
- The server also chooses the compression method and the cipher suite from the client’s option.
- After this exchange, the server sends a certificate (public key) to the client.
- The client confirms the certificate, creates pre-master secret for the session, and encrypts the session with the server’s public key.
- The server receives pre-master secret and decrypt it with the private key.
- Both parties agree on a single cipher suite and generate the session keys (symmetric keys) to encrypt and decrypt the information during an SSL session.
- Finally, both client and server exchanges encrypted message to ensure that the future messages will be encrypted.
The SSL handshake builds a secure connection and customers or users of a website will have a safe environment for potential web transactions.