Is it possible to strip SSL and serve plain HTTP to local browsers?

Question

I regularly have problems accessing content due to various SSL problems, such as expired certificates, mis-matched subdomains, clock offsets, etc.I'd like to run some kind of proxy which presents as plaintext HTTP to my browser, and goes out and gets content from the HTTPS equivalent of the same site, ignoring all SSL errors. Does anyone know if this is possible?I am not too concerned about MITM attacks and security in general, because I browse reputatable sites through a reputable ISP in a VM.

mmh0000 · Accepted Answer

Assuming you use Google Chrome, you can start it with a few flags that make it ignore all SSL errors, this will be the "easier" solution than setting up a reverse proxy.

  chrome-wrapper --ignore-certificate-errors --test-type

Otherwise a reverse proxy like Apache, HAProxy, or nginx would work.

Now, instead of doing any of that, you should maybe try and figure out why you're having so many TLS issues where other people do not.

stop50 · Answer

I am using nginx as an reverse proxy. depending if its an local or public domain, i use my step-ca acme server or letsencrypt. dehydrated is used to regularly update the certs and i had only problems with devices without my ca.

madduci · Answer

You might try with nginx acting as a reverse proxy