An SSL certificate works through an encryption process known as Public Key Infrastructure (PKI). PKI uses two keys: a public key and a private key.
When a web browser connects to a website that has an SSL certificate, the web server sends its public key to the user's browser. The browser uses this public key to generate a symmetric session key, which is used to encrypt all data exchanged between the browser and web server.
The session key is then encrypted using the web server's public key and sent back to the server. The server uses its private key to decrypt the session key, allowing it to be used to encrypt and decrypt the data exchange between the browser and server.
This encryption process ensures that all data exchanged between the browser and server is secure and cannot be intercepted by third parties. It is important to note that the web server's private key must be kept strictly confidential to ensure the security of the connection.