SSL protects information by encrypting the data transfer between a visitor’s browser and the website.
A browser or server attempts to connect to a website (i.e. a web server) secured with SSL. The browser first verifies if the website’s SSL certificate is valid.
The web server sends the browser/server a copy of its SSL certificate.
The browser/server checks to see whether or not it trusts the SSL certificate. If everything checks out, then the browser uses the website’s public key to encrypt the data.
This data is then sent back as a message to the webserver. This data is then sent back to the intended server (website) where it is decrypted using the public key and a secret private key.
The web server sends back a digitally signed acknowledgment to start an SSL encrypted session.
Encrypted data is shared between the browser/server and the webserver.