OpenSSL & Cert · 7 min read

How HTTPS Works: The TLS Handshake Explained Step by Step

A step-by-step walkthrough of what happens when your browser connects to an HTTPS site — ClientHello, ServerHello, certificate verification, key exchange, session keys, and encrypted communication.

Every time your browser connects to an HTTPS site, a complex cryptographic ceremony happens in milliseconds. Here's exactly what occurs, step by step.

The TLS Handshake

Before any data is exchanged, browser and server negotiate how to communicate securely:

Step 1: ClientHello

Browser sends to server:

  • TLS versions it supports (e.g., TLS 1.2, TLS 1.3)
  • Cipher suites it supports (encryption + hash algorithms)
  • A random number (client random)

Step 2: ServerHello

Server responds with:

  • Chosen TLS version
  • Chosen cipher suite (e.g., TLS_AES_256_GCM_SHA384)
  • Its SSL certificate (containing public key + domain info)
  • A random number (server random)

Step 3: Certificate Verification

Browser checks the server's certificate:

  • Is it signed by a trusted CA? (CA's signature verified with CA's public key)
  • Does the domain match? (CN or SANs include the current domain)
  • Is it still valid? (current date within notBefore and notAfter)
  • Has it been revoked? (OCSP check)

Step 4: Key Exchange

In TLS 1.3, browser and server use ECDH (Elliptic-curve Diffie-Hellman) to agree on a shared secret without ever transmitting it. The shared secret + client random + server random are combined to derive session keys.

Step 5: Session Keys and Encrypted Communication

Both sides derive identical AES session keys from the shared secret. All subsequent communication is encrypted with AES-256-GCM. The handshake is complete — the browser shows the padlock.
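To make Steps 4 and 5 concrete, here is an added example (not code from the original article) that walks the TLS 1.3 key schedule from an (EC)DH shared secret to the client and server handshake traffic keys and IVs, using only the standard library. It assumes a constructed 32-byte shared secret and a constructed handshake transcript; in real TLS 1.3 the client and server randoms enter the derivation through the hash of that transcript, and the application traffic keys are derived one stage later from the same schedule.

```python
import hashlib
import hmac

# (hash function, AES key length) per TLS 1.3 suite; the GCM IV is always 12 bytes.
SUITES = {
    "TLS_AES_256_GCM_SHA384": (hashlib.sha384, 32),
    "TLS_AES_128_GCM_SHA256": (hashlib.sha256, 16),
}
IV_LEN = 12

def hkdf_extract(salt: bytes, ikm: bytes, h) -> bytes:
    """RFC 5869 HKDF-Extract: PRK = HMAC-Hash(salt, IKM)."""
    return hmac.new(salt, ikm, h).digest()

def hkdf_expand(prk: bytes, info: bytes, length: int, h) -> bytes:
    """RFC 5869 HKDF-Expand: T(1) || T(2) || ... truncated to `length` bytes."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), h).digest()
        out, counter = out + block, counter + 1
    return out[:length]

def hkdf_expand_label(secret: bytes, label: str, context: bytes, length: int, h) -> bytes:
    """TLS 1.3 HKDF-Expand-Label (RFC 8446 s7.1): info = length || "tls13 "+label || context."""
    lbl = b"tls13 " + label.encode()
    info = length.to_bytes(2, "big") + bytes([len(lbl)]) + lbl + bytes([len(context)]) + context
    return hkdf_expand(secret, info, length, h)

def handshake_traffic_keys(shared_secret: bytes, transcript: bytes,
                           suite: str = "TLS_AES_256_GCM_SHA384") -> dict:
    """Walk the RFC 8446 key schedule from the (EC)DH shared secret to the
    client/server handshake traffic keys and IVs. No PSK is in play, so the
    early secret is extracted from an all-zero key. The client and server
    randoms enter via `transcript` (ClientHello..ServerHello, constructed here)."""
    h, key_len = SUITES[suite]
    zeros = b"\x00" * h().digest_size
    early_secret = hkdf_extract(zeros, zeros, h)
    derived = hkdf_expand_label(early_secret, "derived", h(b"").digest(), h().digest_size, h)
    handshake_secret = hkdf_extract(derived, shared_secret, h)
    th = h(transcript).digest()
    keys = {}
    for side, label in (("client", "c hs traffic"), ("server", "s hs traffic")):
        traffic = hkdf_expand_label(handshake_secret, label, th, h().digest_size, h)
        keys[side] = {"key": hkdf_expand_label(traffic, "key", b"", key_len, h),
                      "iv": hkdf_expand_label(traffic, "iv", b"", IV_LEN, h)}
    return keys
```

Both peers run exactly this computation on the same inputs, which is why they end up with identical keys without the shared secret ever crossing the wire; change one byte of the transcript and every derived key changes.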

TLS 1.3: Faster Handshake

TLS 1.2 handshake: 2 round trips before data
  Client → Server: ClientHello
  Client ← Server: ServerHello, Certificate, ServerHelloDone
  Client → Server: ClientKeyExchange, ChangeCipherSpec, Finished
  Client ← Server: ChangeCipherSpec, Finished
  Connection established (2 round trips = ~200ms added)

TLS 1.3 handshake: 1 round trip
  Client → Server: ClientHello + key_share
  Client ← Server: ServerHello + key_share, Certificate, Finished
  Connection established (1 round trip = ~100ms added)

TLS 1.3 resumption: 0 round trips (0-RTT)
  Client → Server: ClientHello + early data (server processes it immediately)

Why HTTPS Isn't Slower

Modern hardware has dedicated AES-NI instructions that make AES encryption essentially free in terms of CPU time. The overhead of TLS 1.3 is about one additional round trip on the first connection, which is negligible compared to the time spent loading page content. HTTP/2 (which browsers only support over HTTPS) often makes HTTPS pages faster than their HTTP equivalents.


Nattapon Tonapan

Developer & creator of FreeUtil. Building free tools for developers and Thai users.
