How do you tell iOS/Android which website to open? You do that by hijacking the request to http://captive.apple.com and then 301/302 it to your domain, with or without https. If the first request iOS made was to be secure, you’d have to have a valid certificate for captive.apple.com running in your infrastructure OR the iOS would have to allow self-signed without asking for exceptions. Both sound like a terrible idea.