DNS Cache Poisoning as a Foil to SSL

I recently learned a bit more about DNS cache poisoning, and my understanding of the basic way it works is by editing the DNS cache so that when the victim types in, say, www.google.com they get the attacker's IP instead of google's. So here is my question - is the following attack viable?

1) Take an address such as www.gmail.com, copy its HTML (or the HTML of its redirect) onto your machine, and change its IP in the DNS cache.

2) When a victim connects, they get routed to your machine. They probably get a certificate warning, but they ignore it because everyone ignores them... Anyway, you send them the HTML you already copied, but you edit it so that the username and password are sent to you (if necessary, I haven't parsed through the HTML of gmail's login)

3) Now with a bit of code, you can make it (I think) so that they establish an SSL connection with you instead of google. When they send their username and password to you you just edit the DNS cache back to the way it was and DeAuth them 20 times or so so they get a "connection problem." They log in again and everything is fine - no way for them to know that their password was stolen.

I think this attack is possible, except, perhaps, for establishing the SSL. I know how that works but wouldn't know how to program it -- but is it possible? Would you need to set up a server of your own or could your just route them to your local IP (I assume this would ring some bells somewhere). Thanks!