Https is explicitly designed against man-in-the-middle attacks. Modern browsers make a bigggg fuss if a man-in-the-middle is attempting some shit. Those attacks do not work.
And if you do manage to make it work, it sure wouldn’t be easier than pointing a gun at someone and telling them to pay up for their internet connection.
They could easily do a man in the middle attack, but I doubt they would have the need to rob the poor people of their town.
Https is explicitly designed against man-in-the-middle attacks. Modern browsers make a bigggg fuss if a man-in-the-middle is attempting some shit. Those attacks do not work.
And if you do manage to make it work, it sure wouldn’t be easier than pointing a gun at someone and telling them to pay up for their internet connection.
Not without a client side certificate
You can … If people aren’t tech savvy you can just serve everyone plain http and most people will ignore the warnings.