This document explains the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols and how servers use them.
TLS and SSL
TLS and SSL are two cryptographic protocols that clients and servers use for secure communication over the Internet. Systems frequently use them for email and web browsing.
Both of these protocols initiate a “handshake,” during which your server and the user’s computer agree upon specific conditions. These conditions include, most importantly, a set of public and private keys that they will use to encrypt and decrypt messages during the secure session.
As a web server, your server will identify itself with a certificate when it receives a secure request from a user. These certificates are either self-signed or verified through a certificate authority (CA).
Servers generate and sign their own self-signed certificates. We do not recommend self-signed certificates because they do not use a third-party verification system, and any server can spoof your server. To remedy this issue, we recommend that you use a certificate that you obtain through a CA. The CA verifies the identity of your server to secure user requests.
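The following added example (not part of the original documentation) shows what a client sees when a certificate is self-signed: two independently created certificates for the same host name both fail verification against the system CA store, and only the name inside them matches. It assumes the `openssl` command-line tool is installed; the host name `example.test`, the file names and the helper function names are constructed placeholders.

```sh
#!/bin/sh
# Added example. "example.test" and all file names are constructed placeholders.
set -eu

# Create a self-signed certificate: $1 = output prefix, $2 = host name.
make_self_signed() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
    -keyout "$1.key" -out "$1.crt" 2>/dev/null
}

# True when subject and issuer are the same name (the mark of self-signing).
is_self_signed() {
  s=$(openssl x509 -in "$1" -noout -subject | sed 's/^subject=//')
  i=$(openssl x509 -in "$1" -noout -issuer | sed 's/^issuer=//')
  [ "$s" = "$i" ]
}

# True when certificate $1 verifies. With $2, that file is supplied as a
# trust anchor; without it, the system CA store decides, as for a browser.
trusted_by() {
  if [ -n "${2:-}" ]; then
    openssl verify -CAfile "$2" "$1" 2>/dev/null | grep -q ': OK$'
  else
    openssl verify "$1" 2>/dev/null | grep -q ': OK$'
  fi
}

fingerprint() { openssl x509 -in "$1" -noout -fingerprint -sha256; }

tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT

# Two unrelated parties each create a certificate for the same host name.
make_self_signed "$tmp/yours" example.test
make_self_signed "$tmp/other" example.test

for c in yours other; do
  is_self_signed "$tmp/$c.crt" && echo "$c: self-signed"
  trusted_by "$tmp/$c.crt" || echo "$c: not trusted by the system CA store"
  fingerprint "$tmp/$c.crt"
done

# Only a client that already holds your exact certificate can tell them apart.
trusted_by "$tmp/other.crt" "$tmp/yours.crt" || echo "other: rejected when checked against yours"
```

A CA-issued certificate passes the `trusted_by` check without a second argument, because its chain ends at a root that the client already trusts.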