In a man-in-the-middle attack, an attacker intercepts messages and modifies them, and then passes them on to the intended recipient.
SSL's system of certificates and private keys prevents this. An attacker would have to fake a certificate and somehow get it signed with a CA's key.