2006-11-14

SSL Handshake Sequence

參考apache

Phase 1
Establish protocol version, session id, cipher suite, compression method
Exchange random values
01. => ClientHello
02. <= ServerHello

Phase 2
Optionally send server certificate and request client certificate
03. <= ServerCertificate
04. <= CertificateRequest
05. <= ServerHelloDone

Phase 3
Send client certificate response if requested
06. => ClientCertificate
07. => CertificateVerify

Phase 4
Change CipherSuite and finish handshake
08. => ChangeCipherSpec
09. => Finished
10. <= ChangeCipherSpec
11. <= Finished