1. Client initiates an HTTPS request: When a user enters an HTTPS URL or clicks an HTTPS link in the browser, the browser will send an HTTPS request to the server to establish a secure connection.
2. Server certificate verification: After receiving the HTTPS request, the server returns its certificate to the client, including the server's public key, the signature of the certificate authority, and other information. The client verifies the authenticity and validity of the certificate, including checking whether the certificate has expired and whether it was issued by a trusted certificate authority.
3. Key exchange: If the server certificate is verified, the client will generate a random symmetric key, encrypt it with the server's public key and send it to the server. After receiving the encrypted key, the server decrypts it with the private key to obtain the symmetric key used by the client.
4. Data encryption: After the key exchange, communication between the server and the client uses a symmetric encryption algorithm; a common choice is AES. The server and the client use the same key to encrypt and decrypt data.
5. Secure communication: By using a symmetric encryption algorithm, the server and the client can transmit data safely and protect it during transmission.
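
The client-side checks from step 2, as an added example that is not part of the original page: it uses Python's standard `ssl` module to flag a client context where certificate verification has been switched off, and checks the validity window of a certificate record. The function names and the sample certificate are assumptions constructed for illustration.

```python
import calendar
import ssl

def strict_client_context():
    """Client settings that enforce the step 2 checks."""
    ctx = ssl.create_default_context()   # trusted CA store, CERT_REQUIRED, host name check
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx

def weak_client_context():
    """The misconfiguration to look for: verification switched off."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False           # has to be cleared before CERT_NONE is accepted
    ctx.verify_mode = ssl.CERT_NONE
    return ctx

def audit_client_context(ctx):
    """Return findings for settings that weaken certificate verification."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("chain is not verified (verify_mode is not CERT_REQUIRED)")
    if not ctx.check_hostname:
        findings.append("certificate is not matched against the requested host name")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol versions older than TLS 1.2 are allowed")
    return findings

def utc_seconds(year, month, day):
    """Midnight UTC of the given date as seconds since the epoch."""
    return calendar.timegm((year, month, day, 0, 0, 0))

# Constructed sample in the shape returned by SSLSocket.getpeercert().
SAMPLE_CERT = {
    "subject": ((("commonName", "example.test"),),),
    "notBefore": "Jan 15 00:00:00 2024 GMT",
    "notAfter": "Jan 15 00:00:00 2025 GMT",
}

def validity_problem(cert, now):
    """Expiry check on a certificate record; with verification enabled,
    the TLS library performs the same check during the handshake."""
    if now < ssl.cert_time_to_seconds(cert["notBefore"]):
        return "not yet valid"
    if now > ssl.cert_time_to_seconds(cert["notAfter"]):
        return "expired"
    return None

if __name__ == "__main__":
    print(audit_client_context(strict_client_context()))
    print(audit_client_context(weak_client_context()))
    print(validity_problem(SAMPLE_CERT, utc_seconds(2025, 6, 1)))
```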