SSL/TLS provides an encrypted security layer for HTTP communications. It works by adding an additional handshake and encryption step to standard HTTP connections, protecting the raw data stream as it is transmitted over TCP. When HTTPS is used, the connection occurs over port 443 instead of port 80, SSL version information is added to the HTTP header, and the browser verifies the identity of the server through a certificate authority chain of trust before decrypting and reading the response. Frameworks like Sinatra can easily support HTTPS by adding SSL certificates and keys without other code changes.