Server authentication

With server authentication, the client will ensure that the server certificate is valid and that it is signed by a certificate authority (CA) which the client trusts.

SSL will use asymmetric cryptography and handshake protocol flows to generate a symmetric key which will be used only for this unique SSL session. This key is used to generate a set of keys which are used for encrypting and decrypting data which will flow over the SSL session. Subsequently, when an SSL handshake has completed, one or both ends of the communication link will have been authenticated. Additionally, a unique key will have been generated to encrypt and decrypt the data. Once the handshake is completed then application layer data will flow encrypted across that SSL session.