What Is SSL/TLS?
SSL/TLS Encryption Protocol
TLS (Transport Layer Security, successor to SSL) encrypts data between a client and server, preventing eavesdropping and tampering. It's what makes HTTPS work — the padlock in your browser. TLS verifies server identity (via certificates), negotiates encryption, and secures the connection.
How SSL/TLS Works
TLS handshake: browser connects to server → server presents its TLS certificate → browser verifies the certificate with a Certificate Authority → they negotiate encryption algorithms → establish a shared secret key → all subsequent data is encrypted. This happens in milliseconds.
Key Concepts
- Certificate — A digital document proving server identity, signed by a Certificate Authority — Let's Encrypt provides free certificates
- Handshake — The initial negotiation that verifies identity and establishes encryption — happens before any data transfer
- TLS 1.3 — The latest version — faster handshake (one round trip), stronger ciphers, and removes legacy insecure algorithms
Frequently Asked Questions
SSL vs TLS?
TLS replaced SSL. 'SSL' is commonly used but technically incorrect — all modern connections use TLS 1.2 or 1.3. SSL 3.0 has been deprecated since 2015.