SSL Walkthrough
High level view of SSL
keithrozario.com
Step 1: Client accesses website

    Client  --- Browser connects to website --->  Web Server
Step 2: Server responds with Certificate

    Client  <--- Server responds with Certificate and public key ---  Web Server
Step 3: Client verifies with CA

    Client                                Web Server
      |
      | Client verifies certificate with CA
      v
     CA
Step 4: Client sends random key to server

    Client  --- Random Key (encrypted with the server's public key) --->  Web Server
Step 5: All communications are now encrypted with the Random key

    Client  <=== Random Key ===>  Web Server
Notes

  • All data encrypted with the server's public key can only be decrypted by the
    server's private key.
  • The randomly generated key was:
      ◦ randomly generated by the client;
      ◦ encrypted with the server's public key.
  • Only the server and the client would know the key, and unless they share it
    no one else would know.
  • Therefore encrypting the data with the random key secures the data from
    prying eyes.
  • In most applications of SSL/TLS the key type, cipher and hash can be
    configured based on client and server requirements. It is this that determines
    the security of your connection, although SSL isn't without its vulnerabilities.
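The five steps above, played end to end in Go with only the standard library, as an added example that is not part of the original deck: a constructed root CA issues a certificate for a constructed host name, the client checks the chain and the host name before it sends anything (step 3), wraps a random 256-bit session key with the server's public key using RSA-OAEP (step 4), and both sides then protect a request with AES-256-GCM under that key (step 5). The function names (newCert, clientVerify, aead, runHandshake), the host names and the sample request are all assumptions of this example. It models the RSA key exchange the slides describe, which TLS 1.2 and earlier offer as one option; real TLS derives separate session keys from the exchanged secret rather than using it directly, and TLS 1.3 dropped RSA key exchange in favour of ephemeral Diffie-Hellman so that a later compromise of the server's private key cannot decrypt recorded sessions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// newCert makes an RSA key and certificate for cn: a self-signed root when issuer is
// nil (the page's "CA"), otherwise a server certificate signed by that issuer.
func newCert(cn string, serial int64, issuer *x509.Certificate, issuerKey *rsa.PrivateKey) (*rsa.PrivateKey, *x509.Certificate, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn}, BasicConstraintsValid: true,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
	}
	if issuer == nil {
		tmpl.IsCA, tmpl.KeyUsage = true, x509.KeyUsageCertSign
		issuer, issuerKey = tmpl, key
	} else {
		tmpl.DNSNames = []string{cn} // hostname checks match the SAN, not the CN
		tmpl.KeyUsage = x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature
		tmpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, issuer, &key.PublicKey, issuerKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return key, cert, err
}

// clientVerify is step 3: accept the certificate only if it chains to a trusted CA,
// is valid for server authentication and names the host the client connected to.
func clientVerify(serverCert, caCert *x509.Certificate, host string) error {
	roots := x509.NewCertPool()
	roots.AddCert(caCert)
	_, err := serverCert.Verify(x509.VerifyOptions{Roots: roots, DNSName: host,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}})
	return err
}

// aead turns the 32-byte session key into AES-256-GCM; neither constructor fails for that key size.
func aead(key []byte) cipher.AEAD {
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	return gcm
}

// runHandshake plays steps 2 to 5. The server holds a certificate for certHost while the
// client believes it reached connectHost; it returns the request the server decrypted.
func runHandshake(certHost, connectHost string) (string, error) {
	caKey, caCert, err := newCert("Example Root CA", 1, nil, nil)
	if err != nil {
		return "", err
	}
	srvKey, srvCert, err := newCert(certHost, 2, caCert, caKey) // step 2: the server's certificate
	if err != nil {
		return "", err
	}
	if err := clientVerify(srvCert, caCert, connectHost); err != nil {
		return "", err // step 3 failed: abort before any key leaves the client
	}
	// Step 4: a random session key, wrapped with the server's public key (RSA-OAEP).
	sessionKey := make([]byte, 32)
	if _, err := rand.Read(sessionKey); err != nil {
		return "", err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &srvKey.PublicKey, sessionKey, nil)
	if err != nil {
		return "", err
	}
	serverKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, srvKey, wrapped, nil)
	if err != nil {
		return "", err
	}
	// Step 5: the request travels under the shared key; the server opens it with its unwrapped copy.
	nonce := make([]byte, 12)
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	sealed := aead(sessionKey).Seal(nil, nonce, []byte("GET / HTTP/1.1"), nil) // constructed request
	plain, err := aead(serverKey).Open(nil, nonce, sealed, nil)
	return string(plain), err
}

func main() {
	fmt.Println(runHandshake("www.example.com", "www.example.com"))
}
```

runHandshake returns an error instead of a decrypted request when the certificate names a different host or chains to a CA the client does not trust; that check is what makes step 4 safe, because the session key is only ever wrapped with a public key the client has tied to the host it meant to reach. Since GCM authenticates the ciphertext, any change to the sealed request in transit makes Open fail on the server side.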

Introduction to SSL/TLS

  • 1.
    SSL Walkthrough High level view of SSL keithrozario.com
  • 2.
    Step 1: Clientaccesses website Browser connects to website Client Web Server
  • 3.
    Step 2: Serverresponds with Certificate Server responds with Client Certificate and key Web Server
  • 4.
    Step 3: Clientverifies with CA Client Web Server Client verifies certificate with CA CA
  • 5.
    Step 4: Clientsends random key to server Client sends a random key to server encrypted with the public key Random Client Key Web Server
  • 6.
    Step 5: Allcommunications are now encrypted with the Random key Random Key Client Web Server
  • 7.
    Notes  All data encrypted with the servers public key can only be decrypted by the servers private key  The randomly generated key was:  Randomly Generated by the client  Encrypted with the servers public key  Only the Server and the Client would know the key, and unless they share it no one else would know.  Therefore encrypting the Data with the random key secures the data from prying eyes.  In most applications of SSL/TLS the key type, cipher and hash can be configured based on client and server requirements. It is this that determines the security of your connection, although SSL isn’t without it’s vulnerabilities.