How does SSL use symmetric and asymmetric encryption? And how do I manage certificated for multiple sites on one host?

Yes, that's right. Asymmetric encryption is necessary to verify the others identity and then symmetric encryption gets used because it's faster.

You're wrong at points 4 and 5. The server and client independently compute the same session key. It is never actually transmitted at all.