The SSL protocol is the web standard for encrypting communications between users and SSL protected web sites and services.
Data sent via an SSL connection is protected by encryption, a mechanism that prevents eavesdropping and tampering with any transmitted data. SSL provides businesses and consumers with the confidence that private data sent to a web site, such as credit card numbers, are kept confidential and cannot be read read by unauthorized parties. To initialise an SSL session, an SSL certificate is required and has to be setup on the server.
Customers know when they have an SSL session as their browser displays the little gold padlock and the address bar begins with a https rather than http. Strong encryption and business validation is also displayed with a green address bar in modern browsers.
SSL certificates can be used to secure different protocols on a web server (e.g. web traffic, email traffic, FTP, etc.).
Summarizing, SSL certs are used to protect information that is sent from a user to the target server and vice versa.