If you want to know how https ensures security, you need to know how it works. A picture looks something like this:
First, the client initiates an https request: the client will send a ciphertext family to the server. (The server using the https protocol must have an SSL certificate, so you need to apply for an SSL certificate. )
The server will then configure that the server will select one of these ciphertext families.
Then transmit the certificate: this certificate is actually a public key, but it contains a lot of information, such as the issuing authority of the certificate, the expiration time and so on.
Next, the client parses the certificate: the client verifies whether the public key is valid.
Then the encryption information is transmitted: the encrypted random value of the certificate is transmitted.
The server decrypts the information: the server decrypts the information with the private key to obtain the random value sent by the client, and then uses this value to encrypt the content symmetrically.
Transmission of encrypted information: the information encrypted by the server with random value can be restored at the client.
Finally, the client decrypts the information: the client decrypts the information sent by the server with the previously generated random value, so the decrypted content is obtained.
The whole process is perfectly coordinated, and no third party can intervene, which ensures the security of data in the transmission process.