TLS/SSL — Explained with Examples
TLS/SSL is a cryptographic protocol that encrypts data transmitted between clients and servers, ensuring privacy, integrity, and authentication over networks.
TLS (Transport Layer Security) and SSL (Secure Sockets Layer) provide secure communication over TCP. SSL is the deprecated predecessor; TLS is the modern standard. Most people still say “SSL” when they mean TLS.
The TLS Handshake
When you visit an HTTPS website, the client and server perform a handshake to establish a secure session:
Client → Server: "Hello, I support TLS 1.3, these cipher suites..."
Server → Client: "Hello, let's use TLS 1.3 with AES-256-GCM, here's my certificate"
Client → Server: "Certificate looks valid (signed by trusted CA), here's my key share"
Server → Client: "Session established, now communicating securely"
Certificate Validation
The server presents a digital certificate issued by a Certificate Authority (CA). The client checks:
- Is the certificate signed by a trusted CA?
- Is the domain name correct?
- Is the certificate still valid (not expired or revoked)?
Real-World Analogy
TLS is like sending a letter in a tamper-proof, sealed envelope. You check the sender’s ID (certificate) to confirm they’re who they say they are. You seal the envelope so only the recipient can open it (encryption). If someone tampers with the envelope, you’ll know (integrity). Without TLS, you’re sending postcards — anyone handling them can read the contents.
Example: Node.js HTTPS Server
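const https = require('https');
const fs = require('fs');

// Load the server's private key and its certificate (PEM files).
// Keep the private key readable only by the account that runs the server.
const options = {
  key: fs.readFileSync('private-key.pem'),
  cert: fs.readFileSync('certificate.pem')
};

// Every request handled here arrives over a TLS-protected connection.
https.createServer(options, (req, res) => {
  res.writeHead(200, { 'Content-Type': 'text/plain' });
  res.end('Secure connection established!\n');
}).listen(443); // binding to port 443 usually requires elevated privileges

// Check TLS info with curl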
$ curl -v https://example.com
* SSL connection using TLSv1.3 / AES256-GCM-SHA384
* Server certificate:
* subject: CN=example.com
* issuer: C=US, O=Let's Encrypt, CN=R3
* certificate is valid
Cipher Suites
A cipher suite specifies the algorithms used:
- Key exchange: how to share keys (ECDHE, RSA)
- Authentication: verifying identity (RSA, ECDSA)
- Encryption: protecting data (AES-256-GCM, ChaCha20)
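- HMAC: integrity check (SHA-384, SHA-256). With AEAD ciphers such as AES-256-GCM, integrity comes from the cipher itself and this hash is used for key derivation.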
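An added example, not part of the original page: it splits IANA cipher suite names into the four roles listed above and, going slightly beyond the list, flags suites that lack forward secrecy or use a non-AEAD cipher. The function names and the sample list are constructed for illustration; only `TLS_`-prefixed names with SHA-family hashes are handled.

```javascript
// Added example, not from the original page. Function names are hypothetical;
// the suite names are standard IANA names used as constructed sample input.
const HASHES = new Set(['SHA', 'SHA256', 'SHA384']);

function parseCipherSuite(name) {
  if (!name.startsWith('TLS_')) throw new Error(`not an IANA suite name: ${name}`);
  const body = name.slice(4);
  const hasWith = body.includes('_WITH_');
  const [left, right] = hasWith ? body.split('_WITH_') : [null, body];
  const tokens = right.split('_');
  const hash = tokens.pop(); // the last token is always the hash
  if (!HASHES.has(hash) || tokens.length === 0) {
    throw new Error(`unsupported suite name: ${name}`);
  }
  const encryption = tokens.join('-');
  const aead = /GCM|CCM|POLY1305/.test(encryption);
  // AEAD ciphers authenticate records themselves, so the hash only feeds key
  // derivation; otherwise the hash is used in an HMAC over each record.
  const hashRole = aead ? 'key derivation' : 'HMAC';
  if (!hasWith) {
    // TLS 1.3 names carry only cipher + hash. In a full certificate-based
    // handshake the key exchange is ephemeral (EC)DHE and authentication
    // comes from the certificate's signature algorithm.
    return { version: 'TLS 1.3', keyExchange: '(EC)DHE', authentication: 'certificate',
             encryption, hash, hashRole, forwardSecrecy: true };
  }
  // "ECDHE_RSA" -> key exchange ECDHE, authentication RSA; "RSA" alone -> both.
  const [keyExchange, authentication = keyExchange] = left.split('_');
  return {
    version: 'TLS 1.2 or earlier',
    keyExchange, authentication, encryption, hash, hashRole,
    forwardSecrecy: /^(EC)?DHE$/.test(keyExchange), // ephemeral exchanges only
  };
}

// Return the suites worth reviewing: no forward secrecy, or a non-AEAD cipher.
function auditSuites(names) {
  return names.filter((n) => {
    const s = parseCipherSuite(n);
    return !s.forwardSecrecy || s.hashRole === 'HMAC';
  });
}

const SAMPLE_SUITES = [ // constructed server configuration
  'TLS_AES_256_GCM_SHA384', 'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384',
  'TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256',
  'TLS_RSA_WITH_AES_256_GCM_SHA384', 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384',
];
console.log(auditSuites(SAMPLE_SUITES));
```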
Related Terms
HTTPS, PKI, Encryption vs Hashing, HTTP, WAF