SSL Handbook
Introduction section for SSL / TLS
Last updated
Introduction section for SSL / TLS
Last updated
SSL (Secure Sockets Layer) is a standard security technology that establishes an encrypted link between a web server and a browser. This ensures that all data transmitted between them remains private and protected from eavesdropping. It has largely been replaced by TLS (Transport Layer Security), but the term "SSL" is still commonly used to refer to the technology. For further digging into the concept of SSL /TLS we should have the basic understanding about the HTTP & HTTPS Protocols..
HTTP stands for Hyper Text Transmission Protocol which was used in the earlier days of the internet as the communication between the web server & the client device was done in the " Plain text " unencrypted manner which was susceptible for eavesdropping..
Later we introduced HTTPs which is the extended version of HTTP comes with the additional layer of security where the communication between the web server & the client is done in the encrypted manner.
This encryption is done using the asymmetric encryption mechanisms implemented by the SSL/TLS functionality
When the client request the HTTPs based web server the traditional TCP 3 way handshake is first established between the web server and the client device then the SSL/TLS handshakes takes place.
When the Client requests the SSL session fromm the web server the web servers returns with the ACK message with the SSL Certificate & the PUBLIC key of the server.
Client created the session token and encrypts with the public key recieved from the web server and the encrypted session is then sent to the web server
Web server decrypts the traffic with the private key & then the secure HTTPs based session is established
This is how the SSL / TLS based communication (HTTPs) works.
SSL and TLS are the guardians of digital trust, encrypting the path to secure every click, transaction, and connection in our online world.
