What makes SSL secure?

Question

I\'ve been reading a few sites on the internet on how SSL works, but I don\'t understand how exactly it makes things secure. Probably because I don\'t understand completely

Answer 1

surely an encryption key needs to be shared. If someone is eavesdropping on your connection, wouldn't they just be able to grab this key

No. The key is never transmitted. It is computed at both ends independently via a key-agreement algorithm.

What prevents a rogue server from faking a certificate signed by a root certificate provider?

The certificate is sent along with its digital signature which is made with the private key, and verified by the peer via the certificate's own public key. The server would need the private key of the server it is spoofing.