An SSL-encrypted connection is established via the SSL “handshake”
process, which transpires within seconds – transparently to the end user.
In essence, the SSL “handshake” works thus:
1) When accessing an SSL-secured Web site area, the visitor’s browser
requests a secure session from the Web server.
2) The server responds by sending the visitor’s browser its server certificate.
3) The browser verifies that the server’s certificate is valid, is being used
by the Web site for which it has been issued, and has been issued by a
Certificate Authority that the browser trusts.
4) If the certificate is validated, the browser generates a one-time
“session” key and encrypts it with the server’s public key.
5) The visitor’s browser sends the encrypted session key to the server so
that both server and browser have a copy.
6) The server decrypts the session key using its private key.
7) The SSL “handshake” process is complete, and a secure connection
has been established.
A padlock icon appears in the browser’s status bar, indicating that
a secure session is under way. If protected with a Premium Extended
Validation Certificate, a green address bar will also appear.
来自 “ ITPUB博客 ” ，链接：http://blog.itpub.net/17131144/viewspace-591391/，如需转载，请注明出处，否则将追究法律责任。