Force TLS certificate verification in registration script.

[dkasak]

Rationale: If using the script remotely, there's no particularly convincing reason to disable certificate verification, as this makes the connection interceptible. If on the other hand, the script is used locally (the most common use case), you can simply target the HTTP listener and avoid TLS altogether.

Pull Request Checklist

• Pull request is based on the develop branch
• Pull request includes a changelog file. The entry should:
  • Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from EventStore to EventWorkerStore.".
  • Use markdown where necessary, mostly for code blocks.
  • End with either a period (.) or an exclamation mark (!).
  • Start with a capital letter.
  • Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry.
• Pull request includes a sign off
• Code style is correct
  (run the linters)

[clokep]

Looks like the common case of running this locally ensures you don't use TLS, see:

synapse/synapse/_scripts/register_new_matrix_user.py

Lines 298 to 299 in e9069c9

	if listener.get("type") != "http" or listener.get("tls", False):
	continue

synapse/synapse/_scripts/register_new_matrix_user.py

Lines 308 to 309 in e9069c9

	# TODO: consider bind_addresses
	return f"http://localhost:{listener['port']}"

[DMRobertson]

Seems reasonable to me!