The security of HTTPS is that with the underlying TLS, which generally utilizes extended-time period public and private keys to make a short-phrase session key, and that is then utilized to encrypt the data stream amongst the shopper as well as the server. X.509 certificates are accustomed to authenticate the server (and sometimes the customer too)