There are two movitation for SSL/TSL
1) Data encryption, if the data is captured by 3rd party, the data will be in encrypted.
2) Host identification, to verify the destination host is trusted
There are 5 step handshake for SSL/TSL build
1) Client send hello message, it includes the SSL/TLS version
2) Desination Host response with hello, include the agreement algorithem, digitial certificate, and public key.
3) client contacts the server CA to verify the digital certificate
4) Client shares a secret key which is encrypted by server's public key and send it to server
5) server send finish and the connection is established
转载于:https://www.cnblogs.com/anyu686/p/8655260.html