Hello!
A TLS handshake takes place whenever a user accesses a website over HTTPS and the browser first begins by querying the website's origin server. A TLS handshake also occurs whenever other communications use HTTPS, including API calls and DNS queries over HTTPS.
TLS handshakes occur after opening a TCP connection through a TCP handshake.
During a TLS handshake, the client and the server together do the following:
specify which version of TLS (TLS 1.0, 1.2, 1.3, etc.) they will use;
decide which cipher suites (see below) they will use;
authenticate the identity of the server via the public key of the server and the digital signature of the SSL certification authority;
generate session keys to use symmetric encryption once the handshake is complete.
Thanks!