SSL
Basically it's Public Key encryption technology, just like OpenSSH. A Private/Public Key pair is the prerequisite. Speaking of HTTPS, the public key is embedded in a digital certificate with additional information describing the owner of the public key, such as name, street address, and e-mail address. A private key and digital certificate provide identity for the server.
Trusted Certificate Authorities (CA)
Examples (JVM level):
Ubuntu and Debian
/etc/java-6-sun/security/cacerts
Red Hat Enterprise Linux and Oracle Linux
/usr/java/latest/jre/lib/security/cacerts
WebLogic Server 11g (10.3.1 - 10.3.6)
MW_HOME/wlserver_10.3/server/lib/cacerts
Reference
Tomcat 6.0 SSL Configuration How-To
Securing WebLogic Server - Configuring Identity and Trust (10.3.6)
Securing WebLogic Server - Configuring SSL (10.3.6)