There are so many aspects to "security" that it's hard to respond in any meaningful way. SSL itself may or may not be particularly useful unless it's properly understood and used.
Basically SSL/SLT serves two purposes, one to validate the identity of the site being connected to, which requires a certificate, but who certifies the certificate? A lot of bad certificates have turned up over the years, and still are turning up from time to time.
The other purpose is to encrypt the content being passed. The encryption part doesn't depend on a certificate, but browsers will throw up nasty warning dialogs if there isn't a "recognized" certificate attached, so it's generally not too useful to just use it for the encryption alone.