Always HTTPS: generate a self-signed certificate if one isn't provided
clockworksoul opened this issue · comments
Matt Titmus commented
This will have some benefits:
- Improved security by making unencrypted HTTP impossible
- We no longer have to figure out if the service is using HTTP or HTTPS.
Thought: "allow insecure" might be refactored to allow self-signed or otherwise less-than-perfect certificates?