| TABLE 1: SSL Handshake Protocol Handshakes and Messages |
| Handshake |
Message |
| ClientHello |
The client sends a Hello message to the server to initiate the negotiation of certain SSL session characteristics. |
| ServerHello |
ServerHello is the first response to the client-initiated ClientHello message. ServerHello can contain a server certificate and demand the client to authenticate to the server |
| ServerKeyExchange |
If the server has no certificate or the certificate used doesn't support the Diffie-Hellman protocol, the server must exchange public keys with the client. |
| ServerHelloDone |
This message indicates that the server's portion of the Hello message is complete. |
| CertificateRequest |
The server sends this request to the client, asking the client to authenticate. The client will respond with either a certificate message or a NoCertificate alert. |
| CertificateMessage |
The contents of this message differ between the chosen public-key algorithms. The client will try to respond with a suitable certificate based on the chosen encryption algorithm. |
| NoCertificate |
The client sends this alert stating that no suitable client certificate exists. This response can result in a termination of the SSL process if the server requires authentication. |
| ClientKeyExchange |
If the client forced the server to do a key exchange, the client will respond with its public key |
| Finished |
This message is the last exchange between server and client before data transmission commences. |