SSL protects data in transit. By making sure that any data transferred between users and sites, or between two systems remain impossible to read. It uses encryption algorithms for the same.Also handshake kind of mechanism happens when browser first initiates https request to server. Browser receives the public key and validates cert from and responsible for decryption.More answers here - https://stackoverflow.com/questions/10959961/how-does-ssl-encrypt-data-from-server-to-client

When an SSL certificate is used, the information becomes unreadable to everyone except for the server you are sending the information to because of the encryption mechanism and secret key concept.

SSL certificates have a key pair: a public and a private key. These keys work together to establish an encrypted connection. The certificate also contains what is called the “subject,” which is the identity of the certificate/website owner.