Of course it can! If it has a domain name, it can be blocked. What you may see is the browser grumbling about it.
Essentially all that is happening is a client asks for a domain (e.g ssl.google.com) and if it is on the blacklist, then it returns it's own local IP address for that domain instead of the real one. Which is where you will find the browser complaining. All we return is a blank page/blocking information page, but not via https.
Of course, we could probably get around that by generating self-signed certificates on install, but the user would then need to install that certificate on all of their client machines (I think, I'm not massively proficient in this area!) which makes it an extra, and not vital, step that may scare off the more novice users.
Essentially all that is happening is a client asks for a domain (e.g ssl.google.com) and if it is on the blacklist, then it returns it's own local IP address for that domain instead of the real one. Which is where you will find the browser complaining. All we return is a blank page/blocking information page, but not via https.
Of course, we could probably get around that by generating self-signed certificates on install, but the user would then need to install that certificate on all of their client machines (I think, I'm not massively proficient in this area!) which makes it an extra, and not vital, step that may scare off the more novice users.