SSL is dead, TLS replaced it.

• TLS 1.2 → slower handshake, older cipher suites
• TLS 1.3 → faster handshake, more secure, less round trips

Transport Layer Security

To make http become https (wraps HTTP inside an encrypted tunnel).

Application  (HTTP)
Security     (TLS)   ← THIS
Transport    (TCP)
Network      (IP)

1. Encryption – no one can read the data
2. Authentication – you’re talking to the real server
3. Integrity – data isn’t changed in transit

TLS Cert (passport of website)

• Domain name (example.com)
• Public key
• Issuer (Let’s Encrypt, DigiCert, etc.)
• Expiry date
• Signature

How TLS cert auto issued to domain