How Web broswer's ssl works

Question

When a user selects using the ssl of web browser, for example, a user selects the option of using ssl in FireFox, how the Web browser sets the ssl connection? Does the browser has a public key ?

Answer 1

When a user selects the option of using ssl in firefox,it allows the the browser to establish connection with ssl enabled websites.The browser has a set of root certificate authorities like verisign which are well known around the world.So when a website gives a certificate signed by these CAs then our browser automatically recognizes the identity of the website.However,if that certificate is signed by a unknown authority ,then the browser gives a pop-up of unknown certificate and it depends on the user to trust it or not.If you trust it then it gets installed in your browser and that pop up does not come up the next time you connect to that website.Similarly,some websites require client certificates in order to recognize the client.In that case,you need to install your certificate(generally provided by them to a set of users) in the browser so that those websites can identify you.You can say that it is a two communication and involves exchange of certificates from both server and client.

Answer 2

The browser has public keys from root certificate authorities. If a key from a website is signed by one of the root CA's in the browser, it can be verified as trustworthy automatically and ssl communication can start. Otherwise, you get prompted by the unknown/self-signed certificate dialog and decide for yourself whether to trust it or not.