SSL stands for Secure Socket Layer, which can be explained as a protocol for securing data transportation through internet, it is the protocol that guarantees the security of information sent by HTTP, SSL is the protocol used by internet browsers specifically the ones that support HTTPS.
The main aim of the protocol is keeping the security and safetyness between the client and the server.
Public Key Certificate:
It is a digital document that is issued and signed digitally with the private key of the authentication authority that link the subscriber name with a public key, the certificate certify that the stated subscriber solely has the full control over his private key and the access to it, it is a group of data clearly determine a specific body that have the public key of such body, and digitally signed by trustworthy third party (Authentication Authority).
Steps of initiating a secure connection using SSL protocol:
The authentication authority send unsigned certificate that was created on the site server to the Certificate Authority - CA, requesting certificate signing (Certificate Signing Request - CSR)
The certificate authority checks the information included in the certificate, the most important of this information is the domain.
The certificate authority will check that the domain is trustworthy, authenticate the information included in the certificate, digitally sign the certificate, and send it back to be kept in the server.
The site administrator will determine the pages that will use the certificate in sending data through SSL protocol.
Usually the pages that need to send data securely is kept in one directory with the name SSL, and the site administrator link the certificate to this directory.
This means that every page in this directory will use SSL protocol.
Whenever the browser found that one of these pages uses SSL protocol, the server (Certificate Owner) will send the signed certificate to the browser which in turn will check the Certificate Authority – CA that issued the certificate.
For sure the browser producer already armed the browser with a list of trusted authorities, which in our case is (VeriSign), to check the authorities identity
For more information, check the following links: