When it comes to SSL/TLS certificates, my mind gets tense and confused, because it is a very complex topic to debug and understand.

So in this post, I’ll try to simplify the topic using the following breakdown:

What is SSL/TLS, and why use it?

Transport Layer Security (TLS), and its predecessor Secure Sockets Layer (SSL), is the standard protocol for establishing an encrypted link between a client and a server. The typical example is a browser talking to a web server. The link ensures that the data passed between them stays private (confidentiality) and cannot be altered in transit without detection (integrity), and the server’s certificate lets the client verify that it is really talking to the server it intended to reach (authentication).

The SSL/TLS protocol therefore aims primarily to provide confidentiality, data integrity and server authentication between two communicating applications; client authentication with a client certificate is optional.

Difference between SSL and TLS

They are the same family of protocols at different versions: SSL is the older name and TLS is its successor, standardised by the IETF. All SSL versions are deprecated and must be disabled on any server you run (SSL 2.0 by RFC 6176, SSL 3.0 by RFC 7568). People still say “SSL certificate” out of habit, but the certificate itself is an X.509 certificate and is used unchanged by TLS.

SSL Versions

SSL 1.0 (never publicly released), SSL 2.0 (1995, broken and prohibited by RFC 6176), SSL 3.0 (1996, documented in RFC 6101, deprecated by RFC 7568).

TLS Versions

TLS 1.0 (1999, RFC 2246), TLS 1.1 (2006, RFC 4346), TLS 1.2 (2008, RFC 5246), TLS 1.3 (2018, RFC 8446). TLS 1.0 and 1.1 are deprecated by RFC 8996; new deployments should offer only TLS 1.2 and 1.3. The handshake described below is the TLS 1.2 one; TLS 1.3 shortens it and encrypts more of it.

How does SSL/TLS work?

The exchange in which a client and a server negotiate a TLS connection, agree on a protocol version and cipher suite, authenticate the server and derive shared keys is called the TLS handshake.

Basic TLS handshake

A typical (TLS 1.2) connection proceeds as follows:

Step 1# Client Hello

The client sends the highest TLS version it supports, a 32-byte client random, the list of cipher suites it is willing to use, and extensions such as the Server Name Indication (SNI) with the hostname it wants to reach.

Step 2# Server Hello

The server replies with the chosen version and cipher suite and its own 32-byte server random, then sends its X.509 certificate (containing its public key) in the Certificate message.

Step 3# Server Key Exchange

With an (EC)DHE cipher suite the server sends its ephemeral Diffie-Hellman parameters and public value, signed with the private key that matches its certificate. With plain RSA key exchange this message is not sent.

Step 4# Server Hello Done

The server signals that it has finished its part of the negotiation and waits for the client.

Everything up to this point is sent in clear text. That is acceptable because nothing secret has been exchanged yet: the server’s certificate and public key are public by design, and the random values are not secrets. Public-key operations are slow, so they are used only to agree on a shared secret; the actual application data is protected with symmetric keys that both sides derive from that secret. With RSA key exchange the client generates a random pre-master secret and encrypts it with the server’s public key; with (EC)DHE each side contributes an ephemeral Diffie-Hellman value (the server’s in Step 3, the client’s in Step 5) and the pre-master secret is the resulting shared value. Either way, client and server end up with the same master secret and, from it, the same symmetric session keys, so both can encrypt and decrypt the traffic.

Step 5# Client Key exchange

The client sends its contribution to the key exchange: the pre-master secret encrypted under the server’s public key (RSA), or its own ephemeral Diffie-Hellman public value ((EC)DHE).

Step 6# Change Cipher Spec

Each side announces that everything it sends from now on is protected with the negotiated cipher suite and the freshly derived keys.

Step 7# Encrypted handshake

Each side sends a Finished message (shown by Wireshark as “Encrypted Handshake Message”) containing a MAC over the entire handshake transcript, encrypted under the new keys. If an attacker modified any of the clear-text messages, for example to downgrade the cipher suite, the transcripts differ and the handshake fails. After both Finished messages are verified, application data flows over the encrypted channel.
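The two sides of the handshake described above, as an added example that is not part of the original post: the first half assembles and parses a minimal TLS 1.2 ClientHello, showing exactly what an on-path observer can read in the clear (version, client random, offered cipher suites, SNI hostname); the second half runs the TLS 1.2 PRF from RFC 5246 to derive the master secret and AES-128-GCM session keys from a pre-master secret and the two randoms, showing that client and server arrive at identical keys. The hostname, cipher-suite list, random values and the pre-master secret are all constructed here for illustration; the key-exchange messages (Steps 3 and 5) are elided and the pre-master secret is simply assumed to be shared. Only the Python standard library is used.

```python
"""Added example (not from the original post): the cleartext ClientHello and the
symmetric keys both sides derive in a TLS 1.2 handshake. All byte strings are
constructed here, not captured from a real connection."""
import hashlib
import hmac
import struct

# --- Part 1: the ClientHello is sent in the clear ----------------------------

CIPHER_SUITE_NAMES = {  # IANA code points for the suites this sample offers
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0xC030: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
}


def build_client_hello(server_name, cipher_suites, client_random):
    """Assemble a minimal TLS 1.2 ClientHello record (constructed sample input)."""
    name = server_name.encode()
    sni_entry = b"\x00" + struct.pack("!H", len(name)) + name          # name_type 0 = host_name
    sni_data = struct.pack("!H", len(sni_entry)) + sni_entry
    extensions = struct.pack("!HH", 0x0000, len(sni_data)) + sni_data  # extension 0 = server_name
    suites = b"".join(struct.pack("!H", s) for s in cipher_suites)
    body = (b"\x03\x03" + client_random + b"\x00"                      # version, random, empty session id
            + struct.pack("!H", len(suites)) + suites
            + b"\x01\x00"                                              # one compression method: null
            + struct.pack("!H", len(extensions)) + extensions)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body          # HandshakeType client_hello = 1
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake  # ContentType handshake = 22


def parse_client_hello(record):
    """Pull out the fields an on-path observer can read from an unencrypted ClientHello."""
    if record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS handshake record carrying a ClientHello")
    hs_len = int.from_bytes(record[6:9], "big")
    body = record[9:9 + hs_len]
    if len(body) != hs_len:
        raise ValueError("truncated ClientHello")
    version = struct.unpack("!H", body[0:2])[0]
    client_random = body[2:34]
    pos = 34
    pos += 1 + body[pos]                                                # skip session id
    cs_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    suites = [struct.unpack("!H", body[i:i + 2])[0] for i in range(pos, pos + cs_len, 2)]
    pos += cs_len
    pos += 1 + body[pos]                                                # skip compression methods
    sni = None
    if pos + 2 <= len(body):
        end = pos + 2 + struct.unpack("!H", body[pos:pos + 2])[0]
        pos += 2
        while pos + 4 <= end:
            ext_type, ext_size = struct.unpack("!HH", body[pos:pos + 4])
            pos += 4
            if ext_type == 0x0000:                                      # server_name: list len(2), type(1), name len(2), name
                name_len = struct.unpack("!H", body[pos + 3:pos + 5])[0]
                sni = body[pos + 5:pos + 5 + name_len].decode()
            pos += ext_size
    return {"version": version, "client_random": client_random, "sni": sni,
            "cipher_suites": [CIPHER_SUITE_NAMES.get(s, hex(s)) for s in suites]}


# --- Part 2: both sides derive the same symmetric keys -----------------------

def prf_sha256(secret, label, seed, length):
    """TLS 1.2 PRF (RFC 5246 section 5): P_SHA256(secret, label + seed)."""
    seed = label + seed
    out, a = b"", seed                                                  # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()                # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def derive_keys(pre_master_secret, client_random, server_random):
    """Master secret and key block for an AES_128_GCM_SHA256 suite (RFC 5246 sections 8.1 and 6.3)."""
    master = prf_sha256(pre_master_secret, b"master secret", client_random + server_random, 48)
    # AEAD suites need no MAC keys: two 16-byte write keys, then two 4-byte implicit nonces
    block = prf_sha256(master, b"key expansion", server_random + client_random, 40)
    return {"master_secret": master,
            "client_write_key": block[0:16], "server_write_key": block[16:32],
            "client_write_iv": block[32:36], "server_write_iv": block[36:40]}


def handshake_demo():
    """Run both halves on constructed values; returns (what the wire shows, keys match?)."""
    client_random = bytes(range(32))                                    # constructed, fixed for reproducibility
    server_random = bytes(range(32, 64))
    hello = build_client_hello("example.com", list(CIPHER_SUITE_NAMES), client_random)
    seen_on_wire = parse_client_hello(hello)
    # Steps 3 and 5 elided: assume the key exchange left both ends holding this pre-master secret.
    pre_master_secret = b"\x03\x03" + bytes(46)
    client_keys = derive_keys(pre_master_secret, client_random, server_random)
    server_keys = derive_keys(pre_master_secret, client_random, server_random)
    return seen_on_wire, client_keys == server_keys


if __name__ == "__main__":
    wire, same = handshake_demo()
    print("SNI readable in clear text:", wire["sni"])
    print("offered cipher suites:", wire["cipher_suites"])
    print("client and server derived identical keys:", same)
```

The point of Part 1 is operational: anyone who can capture the first packet sees the hostname and the cipher suites, which is why SNI is used by network filters and why the list of offered suites is fingerprintable. Part 2 is why the handshake is safe to run in the clear: the only secret input to the key schedule is the pre-master secret, and an observer who lacks it cannot derive the session keys even though both randoms are public.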

What’s next?

In the next part, we will set up our own CA and generate a key pair and certificate, then use them with a simple HTTPS server to see the handshake in practice.