A common practice for attackers is to intercept data exchanged between the client and the server. For that reason, it is essential to encrypt communication between them to keep the data secure. SSL uses SSL certificates to set up a trusted connection between the server company and the client. SSL uses symmetric and asymmetric encryption to encrypt keys used during this communication. Let's see a schema of a typical SSL handshake between client and server:

This schema shows the conventional steps of an SSL handshake: 

1. The connection starts with the client that initiates the request. Before the start, the server sends an SSL certificate to the client, which ensures that the certificate is valid and trustable.
2. The client proceeds by extracting and encrypting the public key included in the SSL certificate.

3. The client sends the encrypted key (private key) to the server, which encodes the data and transmits it back to the client.
4. Data communication starts and the encrypted key is used to encrypt and decrypt data shared by the client and the server.

SSL is the basis of the HTTPS protocol, which is the standard way to transfer encrypted data. The following section describes how to set up and enforce HTTPS in ASP.NET Core.