linux

Is it possible to transparently redirect https ---> [http | https]?

Good afternoon!

I'm interested in the possibility of redirecting a request to port 443 (https) to a resource I like, but with minor amendments.
You can do this with a firewall. But at the same time, you need a self-signed certificate, from which all browsers will turn up their noses. You do not need to generate and add a root certificate.

It is necessary, when requesting port 443, as much as possible, transparently (without scolding browsers for a certificate, installing a root network certificate and other things that require any manipulation with the client device) for the client to wrap it in the authorization portal. iptables and [REDIRECT | DNAT] are not suitable if there is no IntranetSSL (expensive solution). Squid and SSL Bump, as far as I understand, also require the installation of a root certificate.

I ask for help from more experienced and knowledgeable members of the community.