The Secure Socket Layer protocol was created by Netscape to ensure secure transactions between web servers and browsers. The protocol uses a third party, a Certificate Authority (CA), to identify one end or both end of the transactions. This is in short how it works.
-
The browser checks that the certificate was issued by a trusted party (usually a trusted root CA), that the certificate is still valid and that the certificate is related to the site contacted.
-
The browser then uses the public key, to encrypt a random symmetric encryption key and sends it to the server with the encrypted URL required as well as other encrypted http data.
-
The web server decrypts the symmetric encryption key using its private key and uses the symmetric key to decrypt the URL and http data.
-
The web server sends back the requested html document and http data encrypted with the symmetric key.
-
The browser decrypts the http data and html document using the symmetric key and displays the information.
