What is SSL?
SSL stands for Secure Sockets Layer (SSL).
It is a protocol for secured communication, between two devices on the network by establishing an encrypted link between them.
HTTPS uses SSL protocol internally for secured connection over internet between client and server.
How SSL Certificates Work?
- A browser attempts to connect to a website secured with SSL. The browser/server requests that the web server identify itself.
- The web server sends the browser a copy of its SSL certificate along with public key.
- The browser gets the certificate verified with CA to ensure the server is actually the one which it claims it is.
- If the verification passes, browser sends its own key (symmetric key) encrypted with public key sent by server in step 2.
- Server uses its own private key, to decrypt the symmetric key sent by browser in above step, and handshake is complete.
- Now server and client will use this symmetric key to encrypt/decrypt the data being passed from now on.
Does SSL uses Asymmetric Cryptography or Symmetric Cryptography?
SSL uses both Asymmetric and Symmetric Cryptography, during initial handshake and conversations.