vatesfr / xen-orchestra

The global orchestration solution to manage and backup XCP-ng and XenServer.
https://xen-orchestra.com

Deprecate *Unauthorized Certificates* support #7376

Open julien-f opened 8 months ago

julien-f commented 8 months ago

Is your feature request related to a problem? Please describe.

Currently the only way to accept an invalid certificate (self-signed, expired, wrong host, untrusted root, revoked) is to accept all Unauthorized Certificates.

But this is not ideal as it opens the risk of a man-in-the-middle attack because the attacker could serve any invalid certificate and it will be accepted.

Describe the solution you'd like

The correct solution would obviously be to only use valid certificates but it is not always possible.

One of the solutions could be to present the invalid certificate to the user and if accepted, check that the presented certificate is always this one, exactly as web browsers are doing.

@b-Nollet is currently investigating how possible this is in Node.

Describe alternatives you've considered

Another approach could be to make XO a certificate authority and to implement the ability of generating and deploying signed certificates to hosts.

But this would likely be even more work.

olivierlambert commented 8 months ago

Do you mean a modal when we connect to the server, giving some info on the cert, right? (with a validate or refuse option)

julien-f commented 8 months ago

@olivierlambert Yep

b-Nollet commented 8 months ago

I found no solution to accept all types of invalid certificates with the node:https and node:tls libraries. The best solution I found only accepts self-signed certificates, by asking for the certificate and then passing this certificate as CA (see #7363).

I tried using the checkServerIdentity parameter of https.request, but the function passed as this parameter seems to be executed only when rejectUnauthorized = true and if the host is not rejected.

If we want to keep searching how to accept all these different invalid certificates, maybe we should try to look at some other libraries, as I did not find resources on this topic with these node libraries.