Imagine you and a friend want to share secret messages, but you don’t want anyone else to understand them. To do this, you both need a secret code that only you two know.
An SSL/TLS handshake is like creating that secret code with your friend, but instead of people, it’s between a computer (client) and a website (server) on the internet. They follow a series of steps to create their secret code, so they can share information without others understanding it.
First, the computer says “hello” to the website and tells it what kind of secret codes it knows. The website replies with a “hello” too and picks a secret code they both know. The website also shows a special ID card (certificate) to prove it’s the real website.
Next, they both work together to create a unique secret code just for them. Once they have the secret code, they tell each other they’re ready to use it. Now, they can share secret messages (information) that only they can understand, keeping their conversation private and safe.