What happens when your browser connects to a HTTPS secure site? We all know it has to do something with certificates, blue and green address bars and sometimes your browser will give warnings which we normally click away. But what actually happens under the hood? In this talk I will give a step-by-step explanation on the first few hundred milliseconds during a connection to HTTPS. We will talk about master secrets, shared secrets, cipher suites, x509 certificates and why secure does not (always) mean secure. After this talk you not only can use HTTPS correctly, but also understand their basic foundations as well.