[darkarmani]

Instead of a pihole, you'd run a https proxy that doesn't trust the certs i guess.

[Snawoot]

Which https proxy you're referring to? HTTP proxies capable of forwarding HTTPS just offer HTTP CONNECT method, which allows client to tunnel regular TCP connection and HTTPS inside it. These proxies do not do anything with certificates.