Standard SSL handshake

TLS uses a combination of symmetric and asymmetric cryptography, as this provides a good compromise between performance and security when transmitting data securely.

The communication over SSL always begins with the SSL handshake. The SSL handshake allows the browser to verify the web server, get the public key, and establish a secure connection before the beginning of the actual data transfer.

The following steps are involved in the standard SSL handshake:

1. The server communicates with the client using SSL. This includes the SSL version number, cipher settings, and session-specific data.
2. The server responds with a “server hello” message. This includes the server’s SSL version number, cipher settings, session-specific data, an SSL certificate with a public key, and other information that the client needs to communicate with the server over SSL.
3. The client verifies the server’s SSL certificate from the CA (Certificate Authority) and authenticates the server. If the authentication fails, then the client refuses the SSL connection and throws an exception. If the authentication succeeds, then they proceed to the next step.
4. The client creates a session key, encrypts it with the server’s public key and sends it to the server. If the server has requested client authentication (mostly in server-to-server communication), then the client sends their own certificate to the server.
5. The server decrypts the session key with its private key and sends the acknowledgement to the client encrypted with the session key.

Thus, at the end of the SSL handshake, both the client and the server have a valid session key which they will use to encrypt or decrypt the original data.

SSL Certificates based on Validation Level:

There are multiple types of SSL certificates available today based on the validation level and number of domains they secure.
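To see the version number, cipher settings and session-specific data that open the handshake described above, the following added example (not code from the original page) uses Python's standard `ssl` module to produce a real client hello in memory and decode it. The host name `example.test` and the function names are assumptions made for illustration; no network connection is opened.

```python
import ssl
import struct

def capture_client_hello(server_name):
    """Start a client handshake on in-memory BIOs and return the first TLS record."""
    ctx = ssl.create_default_context()  # certificate and hostname checks stay on
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    conn = ctx.wrap_bio(incoming, outgoing, server_hostname=server_name)
    try:
        conn.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the hello is written and the client waits for "server hello"
    return outgoing.read()

def parse_client_hello(record):
    """Decode the version, session data and cipher settings carried in the hello."""
    rec_type, _, rec_len = struct.unpack("!BHH", record[:5])
    body = record[5:5 + rec_len]
    if rec_type != 22 or len(body) < 4 or body[0] != 1:
        raise ValueError("not a handshake record carrying a client hello")
    def u16(at):
        return int.from_bytes(body[at:at + 2], "big")
    pos = 4                                   # skip handshake type and 3-byte length
    legacy_version = u16(pos)
    random = body[pos + 2:pos + 34]
    pos += 34
    session_id = body[pos + 1:pos + 1 + body[pos]]
    pos += 1 + body[pos]
    suites = [u16(i) for i in range(pos + 2, pos + 2 + u16(pos), 2)]
    pos += 2 + u16(pos)
    pos += 1 + body[pos]                      # skip compression methods
    ext_end = pos + 2 + u16(pos)
    pos += 2
    sni, versions = None, []
    while pos + 4 <= ext_end:
        ext_type, ext_len = u16(pos), u16(pos + 2)
        data = body[pos + 4:pos + 4 + ext_len]
        pos += 4 + ext_len
        if ext_type == 0:                     # server_name: list len, type, name len, name
            sni = data[5:5 + int.from_bytes(data[3:5], "big")].decode("ascii")
        elif ext_type == 43:                  # supported_versions: 1-byte len, 2-byte items
            versions = [int.from_bytes(data[i:i + 2], "big") for i in range(1, 1 + data[0], 2)]
    return {"legacy_version": legacy_version, "random": random, "session_id": session_id,
            "cipher_suites": suites, "server_name": sni, "supported_versions": versions}

if __name__ == "__main__":
    hello = parse_client_hello(capture_client_hello("example.test"))  # constructed host name
    print(hello["server_name"], len(hello["cipher_suites"]), "cipher suites offered")
```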