Secure Sockets Layer (SSL) protects the web users in two ways, it uses public key encryption to encrypt sensitive information between a user’s computer and a website. Visiting a website certified with an SSL certificate doesn’t mean that the website is not bogus. At least 6;845 (0:2%) of them were in fact tampered with forged certi cates i.e. self-signed digital certificates that aren’t authorized by the legitimate website owners, but will be accepted as valid by most browsers.
Source: https://thehackernews.com/2014/05/fake-digital-certificates-found-in-wild.html