Application Security - What is an SSL certificate (Biotime Technical documentation)

What is an SSL Certificate

A public key or digital certificate (formerly called an SSL certificate)uses a public key and a private key to enable secure communication between a client program (web browser, email client, etc.) and a server over an encrypted SSL (secure socket layer) or TLS (transport layer security) connection.  The certificate is used both to encrypt the initial stage of communication (secure key exchange) and to identify the server.  The certificate includes information about the key, information about the server identity, and the digital signature of the certificate issuer.  If the issuer is trusted by the software that initiates the communication, and the signature is valid, then the key can be used to communicate securely with the server identified by the certificate.  Using a certificate is a good way to prevent "man-in-the-middle" attacks, in which someone in between you and the server you think you are talking to is able to insert their own (harmful) content.