TLS is a data privacy and security protocol for secure communication over the internet. It is typically used to encrypt communication between a server and its clients. TLS is the successor to the Secure Sockets Layer (SSL) protocol; SSL v3.0 and TLS v1.0 were very similar, but SSL has since been replaced by TLS. For more background, see Transport Layer Security (TLS).
A Transport Layer Security (TLS) connection is established via a handshake.
TLS handshake in action:
Figure - TLS Handshake
- With a TLS-enabled service, the client sends a ClientHello message (as it is named in the protocol). This carries information about the client, including the TLS versions and cipher suites it supports.
- The server responds with a ServerHello message, selecting the highest TLS version supported by the client, and chooses a cipher suite from the list in the ClientHello message. The server also transmits its digital certificate and, finally, a ServerHelloDone message.
- The client validates the certificate and then sends a ClientKeyExchange message. Here the client performs its part of the key exchange mechanism to securely establish a shared secret with the server. The client then sends ChangeCipherSpec, indicating that it is switching to encrypted communication, followed by a Finished message indicating a successful handshake on its side.
- The server replies with ChangeCipherSpec and an encrypted Finished message once the shared secret has been established.
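The four steps above, walked through as a runnable toy model (added example, not code from the page or from any TLS library): the client's offer, the server's version and cipher-suite selection, certificate validation, the ClientKeyExchange, and the ChangeCipherSpec/Finished pair on each side. Wire formats are replaced by short message strings, the Finished value is an HMAC-SHA256 over the handshake transcript standing in for the TLS 1.2 PRF, and `CLIENT`, `SERVER`, the suite names and the `hello_seen_by_server` parameter are constructed for illustration. The model also shows why Finished matters to a defender: because each peer MACs its own view of every handshake message, a ClientHello altered in transit produces a Finished mismatch and the handshake aborts.

```python
"""Toy model of the TLS 1.2 handshake flow described above.

Added example, not code from the page. Wire formats are replaced by short
message strings, and the Finished value is HMAC-SHA256 over the handshake
transcript, a simplified stand-in for the TLS 1.2 PRF. CLIENT and SERVER
below are constructed sample parameters."""
import hashlib
import hmac
import os

# (major, minor) wire values for the versions this toy understands.
TLS_VERSIONS = {"TLS1.0": (3, 1), "TLS1.1": (3, 2), "TLS1.2": (3, 3)}

# Message order the text describes; a capture that deviates from it deserves a look.
EXPECTED_ORDER = [
    ("client", "ClientHello"),
    ("server", "ServerHello"), ("server", "Certificate"), ("server", "ServerHelloDone"),
    ("client", "ClientKeyExchange"), ("client", "ChangeCipherSpec"), ("client", "Finished"),
    ("server", "ChangeCipherSpec"), ("server", "Finished"),
]


class HandshakeError(Exception):
    """Raised when a peer aborts the handshake."""


def select_version(client_max, server_supported):
    """ServerHello: highest version the server supports that does not exceed the client's maximum."""
    usable = [v for v in server_supported if TLS_VERSIONS[v] <= TLS_VERSIONS[client_max]]
    if not usable:
        raise HandshakeError("no TLS version in common")
    return max(usable, key=lambda v: TLS_VERSIONS[v])


def select_cipher_suite(client_suites, server_preference):
    """ServerHello: first suite in the server's preference order that the client offered."""
    for suite in server_preference:
        if suite in client_suites:
            return suite
    raise HandshakeError("no cipher suite in common")


def finished_verify_data(master_secret, label, handshake_messages):
    """Finished: MAC keyed by the master secret over a hash of every handshake message
    seen so far (ChangeCipherSpec is not a handshake message, so it is excluded)."""
    transcript_hash = hashlib.sha256("\n".join(handshake_messages).encode()).digest()
    return hmac.new(master_secret, label.encode() + transcript_hash, hashlib.sha256).digest()[:12]


def encode_client_hello(hello):
    return f"ClientHello max={hello['max_version']} suites={','.join(hello['suites'])}"


def run_handshake(client, server, certificate_valid=True, hello_seen_by_server=None):
    """Walk the message sequence from the text. Returns the negotiated parameters and the
    wire transcript as (sender, message) pairs. `hello_seen_by_server` (constructed
    parameter) models an on-path party rewriting the ClientHello before the server reads it."""
    wire = []           # every message, in order, as it would appear in a packet capture
    client_view = []    # handshake messages as the client saw them (input to its Finished)
    server_view = []    # handshake messages as the server saw them

    # Step 1: ClientHello carries the client's maximum version and offered suites.
    wire.append(("client", "ClientHello"))
    client_view.append(encode_client_hello(client))
    offered = hello_seen_by_server or client
    server_view.append(encode_client_hello(offered))

    # Step 2: ServerHello picks version and suite from the hello it saw, then Certificate, ServerHelloDone.
    version = select_version(offered["max_version"], server["versions"])
    suite = select_cipher_suite(offered["suites"], server["preference"])
    for msg in (f"ServerHello version={version} suite={suite}",
                f"Certificate cn={server['cert_cn']}", "ServerHelloDone"):
        wire.append(("server", msg.split()[0]))
        client_view.append(msg)
        server_view.append(msg)

    # Step 3: the client validates the certificate; on failure it aborts before sending any secret.
    if not certificate_valid:
        raise HandshakeError("certificate validation failed, handshake aborted")
    premaster_secret = os.urandom(48)   # toy stand-in for the key exchange output
    master_secret = hashlib.sha256(b"master secret" + premaster_secret).digest()
    wire.append(("client", "ClientKeyExchange"))
    client_view.append("ClientKeyExchange")
    server_view.append("ClientKeyExchange")
    # ChangeCipherSpec switches to the negotiated keys; Finished authenticates the whole transcript.
    wire.append(("client", "ChangeCipherSpec"))
    client_finished = finished_verify_data(master_secret, "client finished", client_view)
    wire.append(("client", "Finished"))

    # Step 4: the server checks the client's Finished against its own view, then sends its own pair.
    expected = finished_verify_data(master_secret, "client finished", server_view)
    if not hmac.compare_digest(client_finished, expected):
        raise HandshakeError("client Finished mismatch: handshake messages were altered in transit")
    client_view.append("Finished")
    server_view.append("Finished")
    wire.append(("server", "ChangeCipherSpec"))
    server_finished = finished_verify_data(master_secret, "server finished", server_view)
    wire.append(("server", "Finished"))
    if not hmac.compare_digest(server_finished,
                               finished_verify_data(master_secret, "server finished", client_view)):
        raise HandshakeError("server Finished mismatch")
    return {"version": version, "suite": suite, "wire": wire}


# Constructed sample peers: the client lists suites in its preference order; the server has its own.
CLIENT = {"max_version": "TLS1.2", "suites": ["AES256-GCM-SHA384", "AES128-GCM-SHA256"]}
SERVER = {"versions": ["TLS1.0", "TLS1.1", "TLS1.2"],
          "preference": ["AES128-GCM-SHA256", "AES256-GCM-SHA384"],
          "cert_cn": "example.test"}

if __name__ == "__main__":
    result = run_handshake(CLIENT, SERVER)
    print(result["version"], result["suite"])
    for sender, msg in result["wire"]:
        print(f"  {sender:6} -> {msg}")
```

Two design points worth noting. The server, not the client, makes the final choice of version and cipher suite, and it chooses by its own preference order from what the client offered; comparing `EXPECTED_ORDER` against the message sequence of a real capture is a quick sanity check on a handshake. And the Finished check is what turns the transcript into something tamper-evident: rerunning the handshake with a downgraded `hello_seen_by_server` ends in `HandshakeError` rather than in a silently weaker connection.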