Functionally your set up is doing the same thing as a seedbox. They are generally thought of as remote and usually have a very good Internet connection. I think people tend to share seedboxes as well.

Much like in the attached image, OP has requested help with a specific thing and the responder has not provided any helpful information and has simply told OP to do something completely different with no further explanation.

Not quite. This might be a better explanation than I’m providing: https://chat.openai.com/share/c77fc7ed-9d68-4076-ab70-e953a3896bb6

If I understand the question, the traffic in your local intranet will basically always be encrypted with your root cert. So client -> proxy with your cert, then normal internet encryption from proxy -> internet.

For the apps, it depends on the app, but you can usually insert your cert into their store, it might just be different than the systems store. This could be hard to do on an non-rooted iPhone, idk. My experience is with Linux desktops. For example, in chromium based apps, there is a database in ~/.pki/nssdb that you can insert your cert into. Again, this is something I do at work where we have a very tightly controlled network and application stack. I would not recommend a MiTM proxy for your home environment, it will only cause headaches.

I think it’s important to understand how a typical SSL certificate is generated. Basically, there are a handful of companies that we have all agreeded to trust. When you download Chrome it comes with a set of trusted root certificates, so does your OS, etc. So when Amazon wants to create an SSL for amazon.com, the only way they can do that is by contacting one of those handful of trusted companies and getting them to issue a certificate that’s says Amazon.com. When you go to the site, you see a trusted party generated the cert and your browser is happy.

When you create a new root certificate and install it on your computer, you become one of those companies. So now, you can intercept traffic, decrypt it, read it, reissue a certificate for amazon.com (the same way Amazon would have gotten one from the third parties), reencrypt it, and pass it along to the client. Because the client trusts you it’s still a valid certificate. But if you inspect the certificate on the client side the root signer will no longer be GoDaddy or whatever, it will be you.

qbitorrent has a webgui built in. You can access it simultaneously from multiple machines over http

But why though? You could set up a proxy or something, but I can’t imagine why you would do that