TLS/SSL works by allowing the client and server to send each other encrypted data that only they can decrypt. TLS/SSL negotiates the terms of the encryption in a sequence of events known as the TLS/SSL handshake. The handshake involves the following types of authentication:

  • TLS/SSL server authentication requires the server to authenticate itself to the client.
  • TLS/SSL client authentication is optional and requires the client to authenticate itself to the server after the server has authenticated itself to the client.

The version of TLS/SSL that is used and which TLS/SSL cryptographic algorithm is used depends on which JVM you are using. Refer to your JVM documentation for more information about its TLS/SSL support.