With HTTPS, when a browser sends data to a website, it's asymmetrically encrypted with the public key, and decrypted with the websites private key. I'm guessing it's the service provider that actually does the decoding, so Route 53 if you're using AWS, since on my EC2 instance, I never added any code to decode every message.
But when the website sends data back to the browser, how is it encrypted? Is the first visit never encrypted, but the browser sends a key with the first message encrypted with the public key that Route 53 remembers?