I need some clarification. Is the certificate signed by Apple for use with notifications or is it signed by an SSL root certificate authority (like VeriSign)?

Apple signed certificates are only to be used with WebServer to Apple Server communications like the Apple Push Notification Service. They are not intended for iOS device to WebServer.

A SSL certificate signed by a SSL root certificate authority should just work.

I think you are looking for an HTTP over SSL/TLS primer. So, here it goes.

HTTP is an unencrypted channel. The request and response are in a plain text data stream. HTTPS is an encrypted channel. The request and response are in a data stream encrypted using a shared master key. The magic of SSL/TLS is how this encrypted channel is created.

First, the client and server say hello to each other (in a clear channel).
Next, the client downloads the server’s public certificate (in a clear channel).

At this point, the client has some work to do. It needs to verify the certificate. It needs to know that it understands the certificate, that the date range is valid, that the certificate is signed by a trusted certificate authority, and that the certificate has not been revoked.

Now, the client knows that it can trust the server.

Next, It sends a few short messages encrypted with the public key of the server (which is in the server’s public certificate). These messages can only be decrypted by the server’s private key (which only the server knows about). These messages allow the client and the server to negotiate a master key.

Finally, the client and the server begin the normal HTTP request and response using the newly created encrypted channel.

I hope this is what you are looking for. For a more detailed description see: http://www.moserware.com/2009/06/first-few-milliseconds-of-https.html