What Is a TLS Handshake?


The TLS handshake is an authentication protocol that occurs at the beginning of a communication session between a client and a server. Here's a short overview of what happens during a TLS handshake:

  • The client initiates communication through a "ClientHello" message, specifying supported cryptographic algorithms.
  • The server responds with a "ServerHello" message, selecting compatible algorithms and confirming the connection.
  • Both parties exchange key information for a secure connection.
  • The server provides its digital certificate to the client to prove its identity.
  • The client verifies the certificate's authenticity and, for mutual authentication, provides its own certificate.
  • Both parties contribute to generating a pre-master secret, which is crucial for encryption.
  • The handshake concludes with the exchange of "Finished" messages, indicating the completion of the handshake.
  • From this point, the client and server use the agreed-upon cryptographic algorithms to encrypt and decrypt exchanged data.
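
The first two steps of the overview, as an added example (not code from the original page): it uses Python's standard ssl module to produce a real ClientHello in memory, parses the cipher suites and server name it offers, and models the ServerHello choice in simplified form. The SERVER_PREFERENCE list, the host name example.test and the function names are assumptions of this example.

```python
import ssl
import struct

# Assumed server preference: two TLS 1.3 AES-GCM suites, then two ECDHE-RSA ones.
SERVER_PREFERENCE = [0x1302, 0x1301, 0xC030, 0xC02F]

def capture_client_hello(hostname):
    """Start a handshake in memory and return the raw ClientHello record."""
    ctx = ssl.create_default_context()
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname=hostname)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the client is now waiting for a ServerHello
    return outgoing.read()

def parse_client_hello(record):
    """Return the cipher suites and SNI name offered in a ClientHello record."""
    content_type, _version, length = struct.unpack("!BHH", record[:5])
    body = record[5:5 + length]
    if content_type != 22 or body[0] != 1:
        raise ValueError("not a handshake record carrying a ClientHello")
    pos = 4 + 2 + 32                  # handshake header, legacy_version, random
    pos += 1 + body[pos]              # session_id
    (n,) = struct.unpack("!H", body[pos:pos + 2])
    pos += 2
    suites = [int.from_bytes(body[i:i + 2], "big") for i in range(pos, pos + n, 2)]
    pos += n
    pos += 1 + body[pos]              # compression methods
    sni, end = None, len(body)
    pos += 2                          # total extensions length
    while pos + 4 <= end:
        ext_type, ext_len = struct.unpack("!HH", body[pos:pos + 4])
        pos += 4
        if ext_type == 0:             # server_name: list_len(2) type(1) len(2) name
            name_len = int.from_bytes(body[pos + 3:pos + 5], "big")
            sni = body[pos + 5:pos + 5 + name_len].decode("ascii")
        pos += ext_len
    return {"cipher_suites": suites, "sni": sni}

def select_suite(offered, preference=SERVER_PREFERENCE):
    """Model the ServerHello choice: first server-preferred suite the client offers."""
    return next((s for s in preference if s in offered), None)

if __name__ == "__main__":
    hello = parse_client_hello(capture_client_hello("example.test"))
    print("offered:", [hex(s) for s in hello["cipher_suites"]])
    print("SNI:", hello["sni"], "selected:", hex(select_suite(hello["cipher_suites"]) or 0))
```

The ClientHello is sent before any keys exist, so the offered suites and the server name are readable by anyone on the network path, which is why sensors can inventory clients that still offer weak algorithms.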

TLS handshakes establish the parameters of encrypted communication, ensuring the confidentiality and integrity of exchanged data. These handshakes are a foundational part of how HTTPS works.