I'm not sure setting this without a users' explicit permission is ever a good idea.
If people are running self-signed certificates they should either a) provide them (in the form of sslkey and sslcert) to us or b) explicitly allow an insecure connection.
My thinking here is that we should use the options.sslkey and options.sslcert in this call, or add an --insecure flag/option for this purpose.
Found https://github.com/pact-foundation/pact-node/blob/866d73eb92ca64346163389f9ac72d7e3827aec6/src/server.ts#L262-L266 as part of pact-foundation/pact-js-core#58. I assume it's been around a while, so it wasn't appropriate to add as part of that review.
I'm not sure setting this without a users' explicit permission is ever a good idea.
If people are running self-signed certificates they should either a) provide them (in the form of
sslkey
andsslcert
) to us or b) explicitly allow an insecure connection.My thinking here is that we should use the
options.sslkey
andoptions.sslcert
in this call, or add an--insecure
flag/option for this purpose.