Secure Sockets Layer protects data transmitted over http with encryption enabled by the server's SSL Certificate.
An SSL Certificate consists of a public key and a private key. The public key is used to encrypt the information, the private key to decrypt it.
When a browser displays a secure domain, the server and client are authenticated by an SSL handshake. In addition, an encryption procedure and a unique session key are set up. This can start a secure session where privacy and integrity of messages can be guaranteed.