This is false.
The way it is described can never work.
1. You can't change the headers of an SSL connection.
2. You simply can't use certificates twice on different servers (well, that's putting it a bit quick and dirty, but "the man in the middle" with certificates does not work).
If this should work, which it does not, all e-banking and online payments are doomed.