How does HTTPS work, end to end, when you visit a website?
5 minintermediatehttpstls-handshakednstcp
Quick Answer
Your browser first resolves the domain to an IP address with DNS, then opens a TCP connection to the server. Next comes the TLS handshake: the browser and server agree on encryption settings, verify the server's certificate, and derive a shared encryption key. After that, the browser sends its HTTP request, and the server's HTTP response, all encrypted using that shared key.
Detailed Answer
Visiting https://example.com involves several layers working together, in order:
1. DNS lookup Browser asks: "what is the IP address for example.com?"
|
v
2. TCP connection Browser opens a TCP connection to that IP, usually on port 443
|
v
3. TLS handshake Browser and server agree on TLS version, cipher suite,
verify the server's certificate, and derive a shared key
|
v
4. HTTP over TLS Browser sends the HTTP request, encrypted
Server sends the HTTP response, encrypted
|
v
5. Page rendering Browser decrypts the response and renders the page
Step by step:
- DNS resolution — the domain name is turned into a server IP address.
- TCP handshake — a reliable connection is set up between browser and server (the standard TCP SYN / SYN-ACK / ACK exchange).
- TLS handshake — covered in detail in the next question. This is where encryption gets set up and the server's certificate gets checked.
- Encrypted HTTP exchange — once the handshake finishes, every request and response is encrypted using the shared key from the handshake.
- Rendering — the browser decrypts the response and displays the page.
All of this typically happens in well under a second. Modern TLS (version 1.3) is designed specifically to keep step 3 as fast as possible, since it adds a full round trip of network latency before any real data can be sent.