I'm not sure setting this without a users' explicit permission is ever a good idea.
If people are running self-signed certificates they should either a) provide them (in the form of sslkey and sslcert) to us or b) explicitly allow an insecure connection.
My thinking here is that we should use the options.sslkey and options.sslcert in this call, or add an --insecure flag/option for this purpose.
Found https://github.com/pact-foundation/pact-node/blob/866d73eb92ca64346163389f9ac72d7e3827aec6/src/server.ts#L262-L266 as part of pact-foundation/pact-js-core#58. I assume it's been around a while, so it wasn't appropriate to add as part of that review.
I'm not sure setting this without a users' explicit permission is ever a good idea.
If people are running self-signed certificates they should either a) provide them (in the form of
sslkeyandsslcert) to us or b) explicitly allow an insecure connection.My thinking here is that we should use the
options.sslkeyandoptions.sslcertin this call, or add an--insecureflag/option for this purpose.