Newman lib ignores insecure and sslExtraCaCerts option

[wandi34]

1. Newman Version (can be found via newman -v): 5.3.2
2. OS details (type, version, and architecture): Win 10 x64
3. Are you using Newman as a library, or via the CLI? Library in Node 16 app
4. Did you encounter this recently, or has this bug always been there: always been there
5. Expected behaviour: Newman should respect insecure and sslExtraCaCerts options to allow requests to sites with not valid certs
6. Command / script used to run Newman:

   newman.run({
   collection: chosenCollection,
   environment: chosenEnvironment,
   folder: folder.name,
   reporters: ['htmlextra'],
   reporter: {
     htmlextra: htmlExtraConfig
   },
   sslClientCert: path.join(__dirname, './some.cer'),
   sslClientKey: path.join(__dirname, './secrets/some.key'),
   sslClientPassphrase: secrets.passphrase,
   sslExtraCaCerts: path.join(__dirname, './some-website.pem'),
   insecure: true,

Steps to reproduce the problem:

1. Have a collection with requests against https sites using self signed certificates
2. Use newman as a lib inside a node application. (Node 16 used)
3. Run the application and check result
4. Newman has no problems running requests against websites with valid certificates. But running requests against sites with not-valid certificates returns HTTP-503 status with response body like:

Untrusted SSL Server Certificate Your request contacted a host which presented a certificate signed by an untrusted issuer. This is typically caused by a Web Site presenting an incorrect or invalid certificate, but could be because of a configuration error.

This error should not exist with option insecure: true set or with custom sslExtraCaCerts of the requested site.

Running this collection in postman works with switched off "SSL certificate validation"

[Laktus]

When will this issue be addressed? I face the same problem.

[tomaszwojciechowski]

Are there plans for fixing this bug?