Glossary

SSL/TLS

SSL/TLS is the encryption protocol that secures connections between browsers and servers, enabling HTTPS and protecting data in transit.

SSL/TLS is the cryptographic protocol that encrypts traffic between a client and a server. SSL (Secure Sockets Layer) is the obsolete original; TLS (Transport Layer Security) is its modern successor, though "SSL" survives as a colloquial label.

What it provides

Encryption — third parties cannot read the data in transit.
Authentication — a certificate proves the server is who it claims to be.
Integrity — tampering with the data is detectable.

How it is used

A TLS handshake negotiates a cipher and exchanges keys, then the connection is encrypted. TLS is what turns plain HTTP into https. Modern sites run TLS 1.2 or TLS 1.3; older versions are deprecated.

Certificates are issued by a Certificate Authority (free options like Let's Encrypt are common). Once TLS is in place, you can add hsts to force secure connections.

Why it matters for hosting

Without valid TLS, browsers flag a site as "Not secure" and block features. It is also a prerequisite for http-2 and http-3.

See also

HTTPS HTTPS is HTTP layered over TLS encryption, so data exchanged between browser and website stays private, authenticated, and tamper-proof. HSTS (HTTP Strict Transport Security) HSTS is a security header that tells browsers to only ever connect to a site over HTTPS, preventing downgrade and cookie-hijacking attacks. HTTP/2 HTTP/2 is a major revision of HTTP that multiplexes many requests over one connection, reducing latency versus the older HTTP/1.1. HTTP/3 HTTP/3 is the latest HTTP version, built on the UDP-based QUIC transport to cut connection setup time and eliminate head-of-line blocking.

← All terms