server its crypto information. 2. The server sends the client its corresponding information, including its X.509 Certificate. 3. The client takes a look at the certificate, looks up the server’s Certificate Authority (CA), and verifies that the certificate is valid. 4. If the CA info checks out, the client generates a pre-master secret. 5. The client and server use the pre- master secret to generate a master secret. 6. Both the client and the server use the master secret to generate a symmetric session key. 7. The client tells the server that it will only use the session key to send information (and vice versa). There is now a secure, trustworthy TLS connection.