That’s not how certificates work. In fact, the whole point of certificates is so a man in the middle can’t do that.
When you try to visit a website at for example websiteA.com, your browser will look at the cert it receives for the website and make sure it was signed by a trusted CA, which your browser keeps a list of locally. A MiTM could make a fake CA to sign their fake websiteA.com certificate with, but your browser would obviously have no record of that fake CA and wouldn’t trust it.
In order for the attack you’re suggesting to work, the attacker would have to gain access to your host itself and plant their fake CA cert on your computer. Or somehow compromise a real trusted CA which would be… a pretty huge deal.
That’s not how certificates work. In fact, the whole point of certificates is so a man in the middle can’t do that.
When you try to visit a website at for example websiteA.com, your browser will look at the cert it receives for the website and make sure it was signed by a trusted CA, which your browser keeps a list of locally. A MiTM could make a fake CA to sign their fake websiteA.com certificate with, but your browser would obviously have no record of that fake CA and wouldn’t trust it.
In order for the attack you’re suggesting to work, the attacker would have to gain access to your host itself and plant their fake CA cert on your computer. Or somehow compromise a real trusted CA which would be… a pretty huge deal.