Add 'secure: false' to http proxy

[tamascsaba]

I use https proxy with self signed cert.

Fixes #214

[BigBlueHat]

How do we handle the scenario when not using a self signed cert? This change would effectively mean you could never proxy a secure endpoint securely.

Thoughts?

[tamascsaba]

No, secure: false only means: you don't want to verify the SSL Certs
https://github.com/nodejitsu/node-http-proxy#options

https://stackoverflow.com/questions/31861109/tls-what-exactly-does-rejectunauthorized-mean-for-me

Details:
https://github.com/nodejitsu/node-http-proxy/blob/d8fb34471594f8899013718e77d99c2acbf2c6c9/lib/http-proxy/common.js#L59

https://nodejs.org/api/tls.html#tls_tls_createserver_options_secureconnectionlistener
https://nodejs.org/api/tls.html#tls_tls_connect_options_callback

[BigBlueHat]

Sure. But there are situations where you do want to verify them. Perhaps this should be configurable via an --proxy-insecure param?

[bdefore]

Thanks @tamascsaba this resolved an issue I had where I was receiving an error of Error: Hostname/IP doesn't match certificate's altnames due to it not matching the domain it was supplied for. Certs shouldn't have this issue, but we are transition and need this workaround for development purposes.

I agree with @BigBlueHat that this should have a new flag rather than override by default. Another implementation of this is here: #236

[thornjad]

I'm going to close this for now in favor of the flag-based approaches in #236 and #459