TLS/SSL is short for Transport Layer Security and Secure Sockets Layer; they are cryptographic protocols that ensure the privacy of communication, and they are standards defined in RFCs. They use symmetric cryptography, which means that both the client and the server use the same key for encryption and decryption. In asymmetric cryptography, by contrast, each of the two hosts has both a private and a public key.
The client initiates the connection by telling the server what cipher implementations it knows.
From this list the server chooses the strongest cipher that it also knows and sends its choice to the client. The server also sends the client its certificate, which was issued by a trusted third party.
The client verifies the server's certificate, then generates a random number and encrypts it with the server's public key. This is sent to the server. Since the random number can only be decrypted with the server's private key, the number forms the basis for a shared key that handles the encrypted communication.
The client then verifies that it has calculated the new shared key.
The server verifies that it has calculated the new shared key.
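The steps above, played out end to end in one process as an added example (this is not code from the original page). It uses Go's standard library only: a constructed CA stands in for the trusted third party, the cipher suite names and the host name example.test are constructed, and HMAC-SHA256 stands in for the TLS key-derivation function and Finished computation, which is a simplification of the real protocol.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// Result of one simulated handshake; both sides' keys are returned so the
// caller can confirm they agree.
type Result struct {
	Suite                          string
	ClientKey, ServerKey           []byte
	ClientVerified, ServerVerified bool // each side accepted the other's Finished value
}

// chooseSuite is the server's choice: the first suite in the client's
// preference-ordered list that the server also knows.
func chooseSuite(clientSuites, serverSuites []string) (string, error) {
	for _, c := range clientSuites {
		for _, s := range serverSuites {
			if c == s {
				return c, nil
			}
		}
	}
	return "", errors.New("no common cipher suite")
}

// issue creates a certificate for pub signed by signer (the parent's key).
func issue(tmpl, parent *x509.Certificate, pub any, signer *rsa.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// deriveKey turns the premaster secret plus both nonces into the shared key.
// HMAC-SHA256 replaces the TLS PRF here (simplification, not the real KDF).
func deriveKey(premaster, clientRandom, serverRandom []byte) []byte {
	mac := hmac.New(sha256.New, premaster)
	mac.Write([]byte("master secret"))
	mac.Write(clientRandom)
	mac.Write(serverRandom)
	return mac.Sum(nil)
}

// finished is the value each side sends to prove it holds the shared key and
// saw the same handshake transcript.
func finished(key []byte, label string, transcript []byte) []byte {
	mac := hmac.New(sha256.New, key)
	mac.Write([]byte(label))
	mac.Write(transcript)
	return mac.Sum(nil)
}

// RunHandshake plays both roles of an RSA key-exchange handshake.
func RunHandshake() (*Result, error) {
	const host = "example.test" // constructed name, not a real host
	now := time.Now()

	// Trusted third party: a CA whose certificate the client already holds.
	caRSA, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil { return nil, err }
	caTmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example Test CA"},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	caCert, err := issue(caTmpl, caTmpl, &caRSA.PublicKey, caRSA)
	if err != nil { return nil, err }
	roots := x509.NewCertPool()
	roots.AddCert(caCert)

	// Server key pair and a certificate for it issued by the CA.
	serverRSA, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil { return nil, err }
	srvTmpl := &x509.Certificate{SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: host},
		DNSNames: []string{host}, NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour),
		KeyUsage:    x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}}
	serverCert, err := issue(srvTmpl, caCert, &serverRSA.PublicKey, caRSA)
	if err != nil { return nil, err }

	// 1. ClientHello: the ciphers the client knows, plus a nonce.
	clientSuites := []string{"TLS_RSA_WITH_AES_256_GCM_SHA384", "TLS_RSA_WITH_AES_128_GCM_SHA256"}
	clientRandom := make([]byte, 32)
	rand.Read(clientRandom)

	// 2. ServerHello: pick a cipher the server also knows, add a nonce, send the certificate.
	serverSuites := []string{"TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_256_GCM_SHA384"}
	suite, err := chooseSuite(clientSuites, serverSuites)
	if err != nil { return nil, err }
	serverRandom := make([]byte, 32)
	rand.Read(serverRandom)

	// 3. Client checks the certificate chains to a trusted CA and names the host it dialled.
	if _, err := serverCert.Verify(x509.VerifyOptions{Roots: roots, DNSName: host}); err != nil {
		return nil, fmt.Errorf("certificate rejected: %w", err)
	}

	// 4. Client generates the random premaster secret and encrypts it to the server's
	//    public key; only the server's private key can recover it.
	premaster := make([]byte, 48)
	rand.Read(premaster)
	encrypted, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &serverRSA.PublicKey, premaster, nil)
	if err != nil { return nil, err }
	clientShared := deriveKey(premaster, clientRandom, serverRandom)
	recovered, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, serverRSA, encrypted, nil)
	if err != nil { return nil, err }
	serverShared := deriveKey(recovered, clientRandom, serverRandom)

	// 5 and 6. Finished exchange: each side proves it computed the same shared key.
	transcript := append(append([]byte(suite), clientRandom...), serverRandom...)
	serverVerified := hmac.Equal(finished(clientShared, "client finished", transcript),
		finished(serverShared, "client finished", transcript))
	clientVerified := hmac.Equal(finished(serverShared, "server finished", transcript),
		finished(clientShared, "server finished", transcript))
	return &Result{Suite: suite, ClientKey: clientShared, ServerKey: serverShared,
		ClientVerified: clientVerified, ServerVerified: serverVerified}, nil
}

func main() {
	r, err := RunHandshake()
	if err != nil {
		fmt.Println("handshake failed:", err)
		return
	}
	fmt.Printf("suite=%s keys agree=%v client ok=%v server ok=%v\n",
		r.Suite, hmac.Equal(r.ClientKey, r.ServerKey), r.ClientVerified, r.ServerVerified)
}
```

The certificate check in step 3 is where most real-world failures sit: `Verify` rejects a certificate that does not chain to a root in the pool, that has expired, or whose names do not match the host, and a client that skips that step will happily encrypt its random number to whoever answered the connection.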
Link to another cool diagram about an asymmetric TLS/SSL connection with private and public keys for both the client and server.
I double dare you to double click.