Description
I'm not sure if we should do this or not, but it does seem like it would be useful for testing, troubleshooting, etc. If we do implement, I'd like it to have somewhat granular controls over what, exactly, can be overridden: certificate name match, expiration, trusted root chain, and revocation checks.
Might not be a bad idea to also allow supplying a certificate that you expect, implicitly trusting the server you're connecting to if it is using that cert regardless of any other issues with it, and refusing to connect to any server not supplying that specific cert. This might be better off as a separate issue, but seems related enough to me to include here. It would be useful for self-signed internal systems if you want to prevent a malicious proxy without having to set up trust on the system (or for a process that's expected to be able to run on multiple systems without needing additional setup).
Not adding this to the 1.0 target as it could turn into a fairly large amount of work, and I want to think it through before dedicating that much time.
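The "expected certificate" idea in the issue above, sketched as an added example that is not this project's code: Python's standard `ssl` module is used as a stand-in, and `normalize_pin`, `matches_pin` and `connect_pinned` are hypothetical names. The name, expiry and chain checks are switched off, the SHA-256 fingerprint of the server's certificate is the only trust decision, and the connection is closed before any application data is sent if it does not match.

```python
import hashlib
import hmac
import socket
import ssl


def normalize_pin(pin: str) -> bytes:
    """Accept 'AA:BB:...' or 'aabb...' SHA-256 fingerprints; return 32 raw bytes."""
    raw = bytes.fromhex(pin.replace(":", ""))  # ValueError on non-hex input
    if len(raw) != hashlib.sha256().digest_size:
        raise ValueError("pin must be a SHA-256 fingerprint (32 bytes)")
    return raw


def matches_pin(der_cert: bytes, pin: str) -> bool:
    """True only if the DER certificate's SHA-256 digest equals the pin."""
    if not der_cert:
        return False  # no certificate presented: fail closed
    digest = hashlib.sha256(der_cert).digest()
    return hmac.compare_digest(digest, normalize_pin(pin))


def connect_pinned(host: str, port: int, pin: str,
                   timeout: float = 5.0) -> ssl.SSLSocket:
    """Open a TLS connection that trusts exactly one certificate."""
    normalize_pin(pin)  # reject a malformed pin before touching the network
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    # Overrides: no name match, no expiry or chain validation.
    # The pin comparison below replaces all of them.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    sock = socket.create_connection((host, port), timeout=timeout)
    try:
        tls = ctx.wrap_socket(sock, server_hostname=host)
    except Exception:
        sock.close()
        raise
    # binary_form=True returns the peer's DER bytes even with CERT_NONE.
    der = tls.getpeercert(binary_form=True)
    if not matches_pin(der or b"", pin):
        tls.close()
        raise ssl.SSLError("server certificate does not match the pinned fingerprint")
    return tls
```

Pinning the whole certificate means the pin has to be redistributed whenever the server's certificate is reissued.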