After searching the web and reading through some material, This is what i understand.
SSL certificates (issued by third party) are to be added to the wcf service via IIS which we want to expose. This will only make sure that the server is secured. Now a client needing information from the wcf server would initiate a SSL handshake by sharing the SSL version it has and the information it is wanting.
Now server send the client the SSL certificate it has. This certificate should be either trusted by teh client or should be trusted by a third party (example - verisign)the client trusts.
Once the client knows that this is the server its really intended to connect for information, A key is exchanged. Both server and client now can compute the encrypted key. The client tells the server that further communication can be encrypted and sends an encrypted and authenticated message to the server.
The server finally verifies if the authenticated messaged can be decrypted correctly, it informs the client via a message and the client verifies as well.
Now the process of handshake is complete. Very interesting to know what happens behind the scene when SSL certificates are used for secure transactions.
Very detailed information available at :
http://security.stackexchange.com/questions/20803/how-does-ssl-work[
^]