Let's first discuss client side SSL, and then we will focus on server side. Your browser comes pre-installed with trusted CAs. Every time we visit a website, your browser verifies a trust chain and, during handshake, ends with one of the locally trusted root certificates.