1 min read

SSL/TLS Encryption—How it works

SSL/TLS Encryption—How it works
Photo by FLY:D / Unsplash

The basics:

• SSL refers to Secure Sockets Layer and is used to encrypt connections.

• TLS refers to Transport Layer Security, which is an updated and more secure version of SSL.

• Nowadays, TLS certificates are mainly used, but people still refer as SSL

• Public SSL certificates are issued by Certificate Authorities (CA)

• Comodo, Symantec, GoDaddy, GlobalSign, Digicert, Letsencrypt, etc…

• SSL certificates have an expiration date (you set) and must be renewed

  • Asymmetric Encryption is expensive (SSL)
  • Symmetric encryption is cheaper
  • Asymmetric handshake is used to exchange a per-client random symmetric key
  • Possibility of client sending an SSL certificate as well (two-way certificate)