1. The client sends a ClientHello, which contains the client’s supported SSL/TLS versions, cryptographic algorithms, etc.
2. The server responds with a ServerHello, which contains the algorithm it chose from the list it received in the ClientHello, the server’s digital certificate along with the server’s public key, etc.
3. The client verifies that the received digital certificate is valid by contacting the Certificate Authority that issued the digital certificate.
4. Once the authenticity of the web server has been verified in the previous step, ClientKeyExchange takes place, in which a shared secret key for symmetric-key encryption is encrypted with the server’s public key received in Step 2.
5. The client sends a Finished message.
6. The server now sends a Finished message encrypted with the key sent by the client in Step 4, implying that the communication is encrypted.
credit :-
https:
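
Steps 1 and 2 on the wire, as an added example that is not part of the original page: it parses the version and cipher suite list out of a ClientHello record and picks the suite a server would answer with in its ServerHello. Assumptions: the ClientHello fits in a single record, the sample record is constructed here, and the server chooses by its own preference order.

```python
import struct

# Subset of cipher suite IDs from the IANA TLS registry.
SUITES = {
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
}

def build_client_hello(version, suites):
    """Constructed sample input: minimal ClientHello in one record, no extensions."""
    body = struct.pack("!H", version) + bytes(32) + b"\x00"  # version, zeroed random, empty session_id
    body += struct.pack("!H", 2 * len(suites))
    body += b"".join(struct.pack("!H", s) for s in suites)
    body += b"\x01\x00"  # one compression method: null
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body  # msg_type 1 = ClientHello
    return b"\x16" + struct.pack("!HH", 0x0301, len(handshake)) + handshake

def parse_client_hello(record):
    """Return (client_version, [suite ids]); raise ValueError on malformed input."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a handshake record carrying a ClientHello")
    rec_len = struct.unpack("!H", record[3:5])[0]
    hs_len = int.from_bytes(record[6:9], "big")
    if rec_len != len(record) - 5 or hs_len != rec_len - 4:
        raise ValueError("length fields do not match the data")
    body = record[9:]
    if len(body) < 35:
        raise ValueError("truncated ClientHello")
    version = struct.unpack("!H", body[:2])[0]
    pos = 35 + body[34]  # skip version, random, session_id length and value
    if pos + 2 > len(body):
        raise ValueError("truncated before cipher suites")
    n = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    if n == 0 or n % 2 or pos + n > len(body):
        raise ValueError("bad cipher suite list length")
    return version, [struct.unpack("!H", body[i:i + 2])[0] for i in range(pos, pos + n, 2)]

def server_select(offered, preference):
    """Step 2: first suite in the server's preference order that the client offered (assumed policy)."""
    return next((s for s in preference if s in offered), None)

if __name__ == "__main__":
    hello = build_client_hello(0x0303, [0x000A, 0x002F, 0x009C])  # 0x0303 = TLS 1.2
    version, offered = parse_client_hello(hello)
    chosen = server_select(offered, [0xC02F, 0x009C, 0x002F])
    print(hex(version), [SUITES[s] for s in offered], "->", SUITES.get(chosen))
```

When `server_select` returns `None` there is no suite in common, and the handshake cannot proceed past Step 2.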