The client sends a Client key exchange message to the server.The client sends its certificate with a Certificate message. This step is required for client authentication. The client verifies the sever’s certificate.The server sends the Server hello done message.The server requests a certificate from the client with a Certificate request message. The server sends a Server key exchange message to the client, along with Diffie-Hellman parameters. This step is required when the client requires additional data to generate a premaster secret based on the key exchange algorithm such as DHE_RSA in the selected cipher suite. The server sends its certificate to the client with a Certificate message for authentication.The server responds by sending a Server hello message to the client, along with the server’s random value, the selected cipher suite and session id.The client sends a Client hello message to the server, along with the client’s random value and supported cipher suites.Establishing a Secure Session by Using TLS
The master secret is used by client and server to generate the write MAC secret, which is the session key used for hashing, and the write key, which is the session key used for encryption. These numbers are combined with additional data permitting client and server to create their shared secret, called the master secret. The client and server exchange random numbers and a special number called the premaster secret. The exact method used for authentication is determined by the cipher suite negotiated. PKI, the use of public/private key pairs, is the basis of this authentication. The client might also need to prove its identity to the server. In TLS, a server proves its identity to the client. The client and server make contact and choose the cipher suite that will be used throughout their message exchange. Authentication of the server and optionally, the client.When establishing a secure session, the Handshake Protocol manages the following: The Transport Layer Security (TLS) Handshake Protocol is responsible for the authentication and key exchange necessary to establish or resume secure sessions. Here I will note down my understanding for the TLS handshake process. TLS/SSL is used to establish connection in HTTPS.