An SSL certificate, or secure certificate, is a file installed on a secure Web server that identifies a website. This digital certificate establishes the identity and authenticity of the company or merchant so that online shoppers can trust that the website is secure and reliable. In order to verify that these sites are legitimate (they are who they say they are), the companies and their websites are verified by a third party, such as Verisign or Thawte.
Once the verification company establishes the legitimacy of an organization and the associated website, they will issue an SSL certificate (for the small fee of a few hundred dollars). This digital certificate is installed on the Web server and will be viewable when a user enters a secure area of the website. You can tell you are visiting a secure page when the URL starts with "https." To view the certificate, click the lock icon near one of the edges of your browser window.
Because digital certificates verify a company's current status, they do not last forever. SSL certificates typically expire every one to three years. If the certificate is not renewed in time, you may see an alert box pop up that says "This website's certificate has expired." This error has nothing to do with you or your computer, but is displayed because the Web server you connected to has not renewed its SSL certificate. While this does not necessarily mean the site is fraudulent, it does show that the site is less than professional.