When I send a request a known site lik facebook, Google,... on https protocol, the certificates are appearing on browser via pedlock.
- How the web site (facebook,google,..) certificate comes to my browser?
- How my browser knows the certificate is valid? is asking the Certificate Authority company?
- What means my computers trusted certificates (on Windows certmgr.msc)?
1. How the web site (facebook,google,..) certificate comes t y browser?
When your browser requests a website using the HTTPS protocol the transfer will start with a SSL/TLS handshake. During this handshake the server will submit the website certificate to your browser.
2. How my browser knows the certificate is valid? is asking the Certificate Authority company?
The website certificate is commonly provided by a certificate authority (CA). The CA has signed the website certificate with its own certificate - after it has verified the websites identity. Every browser has some certificates from trusted CAs pre-installed. These certificates are used to check if the submited website certificated is properly signed by the CA.
In addition the browser may use the Online Certificate Status Protocol (OSCP) to check if the website is still valid.
3. What meansmy computers trusted certificates (on Windows certmgr.msc)?
I guess this is a different topic. The CA certificates used for HTTPS connections are part of the browser (IE, FF, etc.) and no part of the operating system.
Additional notes
The way the browser displays a trusted HTTPS connection depends on the browser and of the type of the used certificate.
If you are interested in some details how the certificates are distributed, you may doa research to the topic of "Public-key infrastructure (PKI)"