That's more or less what OE does. It allows the browser to use HTTP/2 (and encryption) to connect to a site, but keeps the user experience the same as unencrypted HTTP.
That's why self-signed certificates work in this context; the identity of the server's not supposed to be validated (unencrypted HTTP can't validate server identities), so the browser can accept a self-signed certificate without warning.
There's no change to how certificates are authenticated when accessing a site via an https:// URL.
That's why self-signed certificates work in this context; the identity of the server's not supposed to be validated (unencrypted HTTP can't validate server identities), so the browser can accept a self-signed certificate without warning.
There's no change to how certificates are authenticated when accessing a site via an https:// URL.