TLS and SSL do not fit neatly into any single layer of the OSI model or the TCP/IP model.

which would imply that it is above the transport layer.

Once the client and server have agreed to use TLS, they negotiate a stateful connection by using a handshaking procedure.

The protocols use a handshake with an asymmetric cipher to establish not only cipher settings but also a session-specific shared key with which further communication is encrypted using a symmetric cipher.

Taher Elgamal, chief scientist at Netscape Communications from 1995 to 1998, has been described as the "father of SSL".

To finish up, we’ll want to make sure that any HTTP request the Synology receives is redirected to HTTPS, ensuring that each time you access your Synology DSM it is protected by the SSL certificate.

During this handshake, the client and server agree on various parameters used to establish the connection's security:

This concludes the handshake and begins the secured connection, which is encrypted and decrypted with the session key until the connection closes. If any one of the above steps fails, then the TLS handshake fails and the connection is not created.

In addition to the properties above, careful configuration of TLS can provide additional privacy-related properties such as forward secrecy, ensuring that any future disclosure of encryption keys cannot be used to decrypt any TLS communications recorded in the past.
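As an added example (not from the original page), here is one way to check that a server-side TLS configuration offers only forward-secret cipher suites, using Python's standard `ssl` module. The function names and the cipher strings are assumptions chosen for illustration.

```python
import ssl

# OpenSSL names TLS 1.2 suites with the key exchange first; these prefixes
# mean an ephemeral (EC)DH exchange. Suites named "TLS_..." are TLS 1.3,
# whose full handshakes always use an ephemeral exchange.
EPHEMERAL_PREFIXES = ("ECDHE-", "DHE-")


def is_forward_secret(name: str) -> bool:
    """Classify an OpenSSL cipher-suite name by its key exchange."""
    return name.startswith("TLS_") or name.startswith(EPHEMERAL_PREFIXES)


def non_forward_secret(ctx: ssl.SSLContext) -> list:
    """Return the enabled suites that would NOT give forward secrecy."""
    return [c["name"] for c in ctx.get_ciphers()
            if not is_forward_secret(c["name"])]


def hardened_server_context() -> ssl.SSLContext:
    """Corrected setting: TLS 1.2+ with ephemeral ECDHE and AEAD ciphers only."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # Assumed cipher string; it restricts the TLS 1.2 suites only.
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20")
    return ctx


def legacy_server_context() -> ssl.SSLContext:
    """Weak setting: also allows static RSA key exchange (no forward secrecy)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers("AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256")
    return ctx


if __name__ == "__main__":
    for label, build in (("legacy", legacy_server_context),
                         ("hardened", hardened_server_context)):
        print(label, "non-forward-secret suites:", non_forward_secret(build()))
```

With a static RSA suite, anyone who later obtains the server's private key can decrypt recorded sessions; the hardened context leaves no such suite enabled.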

TLS supports many different methods for exchanging keys, encrypting data, and authenticating message integrity (see Algorithm below).

One of the main ways of achieving this is to use a different port number for TLS connections, for example port 443 for HTTPS.