I have never used StartSSL however many individuals and companies alike use SSL APIs and auth now, like the new(ish) Facebook sdk.

Note that self signed certificates are not supported as a valid security mechanism by many browsers and other software.

You cannot make SSL certificates in PHP, instead you must make then using a tool like OpenSSL. Here is a brief tutorial I found on Google: http://www.akadia.com/services/ssh_test_certificate.html .

SSL is mainly designed to make the transference of data across the line a little more secure and when reading in connections through PHP you would validate the certificate to see if it matches the one it is supposed to (http://stackoverflow.com/questions/3081042/how-to-get-ssl-certificate-info-with-curl-in-php) much like how a browser downloads a sites SSL cert and then uses that to create a secure connection. I wouldn’t imagine you would have a certificate per user.

After this all your data goes over HTTPS rather than HTTP allowing for SSL auth.

Depending on the SSL auth system, if it is an API then your cURL request would be sent over HTTPS rather than HTTP.

If you are making this for a login page on a website then it is a lot simpler than I have said above (well in theory, there are still a lot of thing you can mess up). If you are doing this then you would simply add the SSL cert to your server and then add it to your server config (another quick tutorial for Apache from Google: http://www.digicert.com/ssl-certificate-installation-apache.htm ) and then literally proceed as you normally would redirecting the user to a https of the login page and the login processing page (making sure you have a vhost for 443 if your in Apache).

Edit: Openssl does have a PHP API as I just remembered so I was wrong there.

This is how I see SSL auth going down.