The safety of HTTPS is that of your fundamental TLS, which typically works by using extended-term private and non-private keys to create a short-term session critical, which is then utilized to encrypt the data stream involving the client and also the server. X.509 certificates are utilized to authenticate the server (and sometimes the client too).