TLS Handshake Explained: How HTTPS Actually Works

When you type https:// into your browser, a lot happens before you see the webpage. HTTPS is not a separate protocol. It is simply HTTP (the web protocol) running inside a TLS security tunnel that is carried over TCP (the reliable transport). This article walks through each layer, explains the TLS handshake, and shows how certificates are verified. The Foundation: TCP TCP (Transmission Control Protocol) is the workhorse that delivers data reliably between two machines. Before any application data can be sent, the client and server perform a three‑way handshake: SYN client says “I want to connect.” SYN‑ACK server agrees. ACK client confirms. After this, a bidirectional, ordered, error‑checked channel exists. TCP does not encrypt anything; it just moves bytes. The Security Layer: TLS TLS (Transport Layer Security) is a protocol that runs on top of TCP. Its job is to turn the plain TCP pipe into an encrypted, authenticated, and integrity‑protected tunnel. The process of setting up this tu