Say Alice wants to open up an HTTPS connection to Bob through a proxy named Earl.
What prevents Earl from reading alices request, opening a connection pretending to be bob, and then opening a https connection with bob pretending to be Alice , and snooping on the traffic as it passes through ?
This is a good question, I dont know who would downvote that.
ELI5: Alice and bob have an aunt that knows them both and has an unfakeable voice recognition service that allows both to verify who they really speak to.
The security of HTTPs relies on public key certificates.
I recommend reading up on it here: https://en.m.wikipedia.org/wiki/HTTPS#Overview
Especially the part after this segment:
Web browsers know how to trust HTTPS websites based on certificate authorities that come pre-installed in their software.