After the SSL/TLS handshake is completed, the connection continues over the same port that was initially used to establish it, typically port 443 for HTTPS.

Port 443 is the standard port for HTTPS, which includes the SSL/TLS handshake and all encrypted communication afterward.

Port 80 is used for HTTP, which is unencrypted.

So if your client connects to a server using HTTPS, it connects to port 443, performs the TLS handshake over that port, and then continues sending/receiving encrypted data over the same port.

Can you use a different port, like 80, for TLS?
Technically, yes — but it’s non-standard and usually problematic.

1. TLS itself works over any TCP port. You could configure a server to offer HTTPS over port 80, 8443, or any custom port.

2. However, port 80 is universally expected to serve plain HTTP, not HTTPS. If a browser or client connects to port 80, it assumes the content is unencrypted.

3. If you serve HTTPS on port 80 and a client doesn't explicitly expect TLS, the connection will fail, because it will misinterpret the encrypted handshake as regular HTTP.

Key Points:

1. TLS does not change ports after the handshake, it stays on the same port (usually 443 for HTTPS).

2. You can technically use TLS on any port, including 80, but it’s non-standard and discouraged unless both server and client are explicitly configured for it.