The SSL handshake is necessary in order for the browser and server to agree on the encryption methods and keys that will be used to communicate. This process starts with the browser sending a message to the server asking what encryption methods are supported. The server then responds with a list of options, and the browser chooses the best option. From there, the server sends a certificate to the browser to prove its identity, and the browser verifies the certificate. Finally, the two parties generate a shared key that will be used to encrypt all future communication.
