Secure Sockets Layer (SSL) is the protocol used by OFBiz to provide secure communications between browser clients and OFBiz webapps. Through SSL, secure communication sessions are enabled by using public and private keys to encrypt and decrypt messages on a user-by-user basis.
Internet web servers implementing SSL keep public keys in "certificates". When a browser or other web-based client lands on a secure web page, it will first query the server's SSL certificate to determine the server's identity, and then, based on that information, decide to request the server's public key so that it may continue to communicate using encrypted transmissions.
Note
Note: technically, the out-of-the-box servlet container (the "Catalina" servlet container and the "Tomcat" engine) provides the certificate exchange and encryption/decryption support. The OFBiz code seamlessly integrates this support so that applications need not worry about the details of secure Internet...