Secure Sockets Layer is a protocol developed by Netscape to handle and protect confidential/sensitive information required for e-commerce transactions (like credit card numbers). SSL addresses usually begin with 'https' and are essential in online shopping cart systems.SSL is the standard security technology for establishing an ‎encrypted link between a web server and a browser. This link ensures that all data ‎passed between the web server and browsers remain private and integral. SSL is an ‎industry standard and is used by millions of websites in the protection of their online ‎transactions with their customers.
An SSL certificate is a digital certificate that authenticates the identity of a Web site ‎and encrypts information that is sent to the server using Secure Sockets Layer (SSL) ‎technology. Encryption is the process of scrambling data into an undecipherable ‎format that can only be returned to a readable format with the proper decryption key.

The SSL protocol is used by millions of e-Business providers to demonstrate that they ‎are trustworthy and to protect their customers ensuring their online transactions ‎remain confidential. In order to be able to use the SSL protocol, a web server requires ‎the use of an SSL certificate.‎
SSL certificated websites have a golden padlock, which appears within their browser ‎display, as an indication of trust in the web site. This allows e-Business providers an ‎opportunity to increase trust level in order to turn visitors into paying customers.‎
A certificate serves as an electronic "passport" that establishes an online entity’s ‎credentials when doing business on the Web. When an Internet user attempts to send ‎confidential information to a Web server, the user’s browser accesses the server’s ‎digital certificate and establishes a secure connection. ‎

An SSL certificate contains the following information:‎

The certificate holder’s name ‎
The certificate’s serial number and expiration date ‎
A copy of the certificate holder’s public key ‎
The digital signature of the certificate-issuing authority

SSL certificate is issued (for the small fee of a few hundred dollars). This digital ‎certificate is installed on the Web server and will be viewable when a user enters a secure ‎area of the website. You can tell you are visiting a secure page when the URL starts with ‎‎"https." To view the certificate, click the lock icon near one of the edges of your browser ‎window.
A CA issues digital certificates that contain a public key and the identity of the owner. The matching private key is not similarly made available publicly, but kept secret by the end user who generated the key pair. The certificate is also an attestation by the CA that the public key contained in the certificate belongs to the person, organization, server or other entity noted in the certificate. A CA's obligation in such schemes is to verify an applicant's credentials, so that users and relying parties can trust the information in the CA's certificates. CAs use a variety of standards and tests to do so.‎

Because digital certificates verify a company's current status, they do not last forever. ‎SSL certificates typically expire every one to three years. If the certificate is not renewed ‎in time, you may see an alert box pop up that says "This website's certificate has expired." ‎This error has nothing to do with you or your computer, but is displayed because the Web ‎server you connected to has not renewed its SSL certificate. While this does not ‎necessarily mean the site is fraudulent, it does show that the site is less than professional.‎‎