This figure shows the handshake messages for a typical SSL connection between a Web server and a browser.

1. The client sends a Hello message to the server.

2. The server responds by sending a Hello message to the client.

3. The server sends its certificate to the client.

4. The client authenticates the server using the server's certificate.

5. The client generates a random value ("pre-master secret"), encrypts it using the server's public key, and sends it to the server.

6. The server uses its private key to decrypt the message to retrieve the pre-master secret.

7. The client and server separately calculate the keys that will be used in the SSL session.

8. The client and server send a Finished message to each other.

9. The client and server now transfer data using the encryption and hashing keys and algorithms.