The reason you need an SSL certificate is to stop a man-in-the-middle hacker from intercepting communication between clients and your server. The SSL certificate validates that a four-step protocol is established, creating an encrypted tunnel for communication.
The first step is to establish a handshake. This occurs when the client reaches out to a server. During the handshake, the client gives the server the encryption types it supports and a random number.
The second step happens on the server side. Here the server feeds back to the client the types of encryption it supports and issues its certificate. The certificate contains the domain name, the public key, the owner of the site, the details of the certificate's issuer, the expiration date and a serial number. Along with passing the certificate, the server also encrypts the client's random number as well as their private key.
The third step is back on the client's computer. Here the client's server decrypts the random number they sent in step one, verifying that the number is correct. They also check the certificate by issuing an Online Certificate Status Protocol (OCSP) request and a Certificate Revocation List (CRL) check, making sure that the server's certificate is valid.
The final step is to create a unique session pair. Here the encrypted tunnel is established, making sure that the man in the middle cannot listen to any communication.
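The client-side certificate check from step three can be sketched with Python's standard `ssl` module. This is an added example, not code from the original page: `SAMPLE_CERT` is a constructed record in the shape `getpeercert()` returns, and `strict_client_context`, `audit_cert` and `_name_matches` are hypothetical helper names.

```python
import ssl
import time

# Constructed sample in the shape ssl.SSLSocket.getpeercert() returns.
# All names and values below are made up for illustration.
SAMPLE_CERT = {
    "subject": ((("commonName", "www.example.test"),),),
    "issuer": ((("organizationName", "Example Test CA"),),),
    "serialNumber": "0A1B2C3D4E5F",
    "notBefore": "Jan  1 00:00:00 2024 GMT",
    "notAfter": "Jan  1 00:00:00 2025 GMT",
    "subjectAltName": (("DNS", "www.example.test"),
                       ("DNS", "*.api.example.test")),
}

def strict_client_context():
    """Client context that refuses unverified or mismatched certificates."""
    ctx = ssl.create_default_context()   # CERT_REQUIRED + check_hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx

def _name_matches(pattern, host):
    """Exact match, or a wildcard covering exactly one left-most label."""
    p, h = pattern.lower().split("."), host.lower().split(".")
    if len(p) != len(h):
        return False
    return p[1:] == h[1:] if p[0] == "*" else p == h

def audit_cert(cert, host, now=None):
    """Return a list of problems with the certificate fields (empty = OK).

    Covers validity dates and domain name only; it does not perform the
    OCSP or CRL revocation checks, which need network access.
    """
    now = time.time() if now is None else now
    problems = []
    if now < ssl.cert_time_to_seconds(cert["notBefore"]):
        problems.append("not yet valid")
    if now > ssl.cert_time_to_seconds(cert["notAfter"]):
        problems.append("expired")
    names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if not any(_name_matches(n, host) for n in names):
        problems.append("hostname mismatch")
    return problems

if __name__ == "__main__":
    print(audit_cert(SAMPLE_CERT, "www.example.test"))
```

On a live connection the same checks are enforced by the context itself: a socket wrapped with `strict_client_context()` and a `server_hostname` fails the handshake if the chain, dates or name do not verify.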