What actually happens during a TLS handshake and why does it sometimes fail even with a valid certificate?

Source: DEV Community
The short answer: a TLS handshake is a multi-step cryptographic negotiation, and most failures in production have nothing to do with the certificate being invalid. They happen inside the negotiation itself. Here's what the handshake actually involves and where things go wrong under real infrastructure.

The core sequence: The client sends a ClientHello with the TLS version it supports, a list of cipher suites, a random nonce and, critically, a Server Name Indication (SNI) extension that tells the server which hostname it's requesting. On shared infrastructure with multiple virtual hosts behind a reverse proxy, this SNI extension is how the right certificate gets selected. If SNI isn't passed through correctly by a load balancer, the wrong cert gets served silently.

The server responds with its chosen cipher suite, its own nonce and its certificate chain (not just the leaf certificate but the full chain, including intermediates).

Key exchange happens next: in TLS 1.2 via an encrypted pre-master
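To make the ClientHello fields above concrete, here is an added example (not code from the original article) that builds a minimal TLS 1.2 ClientHello record carrying an SNI extension and parses it back. It is the kind of check you would use when verifying what hostname a client is actually sending through a load balancer; the hostname and cipher suite values are constructed sample data and no network is needed.

```python
# Added example (not from the original article); constructed sample data, no network.
import os
import struct

SNI_EXT = 0x0000          # extension type for server_name
TLS_1_2 = b"\x03\x03"

def build_client_hello(hostname, cipher_suites, random_bytes=None):
    """Return a TLS record holding a ClientHello with one SNI host_name entry."""
    rnd = random_bytes or os.urandom(32)                       # 32-byte client random
    suites = b"".join(struct.pack("!H", s) for s in cipher_suites)
    name = hostname.encode("idna")
    sni_entry = b"\x00" + struct.pack("!H", len(name)) + name  # name_type 0 = host_name
    sni_data = struct.pack("!H", len(sni_entry)) + sni_entry   # server_name_list length
    ext = struct.pack("!HH", SNI_EXT, len(sni_data)) + sni_data
    body = (TLS_1_2 + rnd + b"\x00"                            # version, random, empty session id
            + struct.pack("!H", len(suites)) + suites
            + b"\x01\x00"                                      # one compression method: null
            + struct.pack("!H", len(ext)) + ext)
    hs = b"\x01" + len(body).to_bytes(3, "big") + body         # handshake type 1 = ClientHello
    return b"\x16" + TLS_1_2 + struct.pack("!H", len(hs)) + hs # record type 22 = handshake

def parse_client_hello(record):
    """Extract client version, offered cipher suites and the SNI hostname (None if absent)."""
    if record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a ClientHello handshake record")
    pos = 9                                                    # past record + handshake headers
    version = record[pos:pos + 2]; pos += 2
    pos += 32                                                  # skip client random
    pos += 1 + record[pos]                                     # skip session id
    n = struct.unpack("!H", record[pos:pos + 2])[0]; pos += 2
    suites = [struct.unpack("!H", record[i:i + 2])[0] for i in range(pos, pos + n, 2)]
    pos += n
    pos += 1 + record[pos]                                     # skip compression methods
    ext_len = struct.unpack("!H", record[pos:pos + 2])[0]; pos += 2
    sni, end = None, pos + ext_len
    while pos + 4 <= end:                                      # walk the extension list
        etype, elen = struct.unpack("!HH", record[pos:pos + 4]); pos += 4
        data = record[pos:pos + elen]; pos += elen
        if etype == SNI_EXT and data[2] == 0:                  # first entry is a host_name
            nlen = struct.unpack("!H", data[3:5])[0]
            sni = data[5:5 + nlen].decode("ascii")
    return {"version": version, "cipher_suites": suites, "sni": sni}

if __name__ == "__main__":
    hello = build_client_hello("api.example.test", [0xC02F, 0xC030])
    print(parse_client_hello(hello))
```

A ClientHello whose parsed `sni` is `None`, or names a different host than the one the proxy forwards to, is the signature of the silent wrong-certificate problem described above.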