The warning we have currently is not enough:
2014-03-07T12:49:45.742-0500 warning: No SSL certificate validation can be performed since no CA file has been provided; please specify an sslCAFile parameter
Users should have to additionally specify --sslAllowInvalidCertificates in order to start the server when:
- SSL is enabled in any way
- No certificate has been provided via --sslCAFile
It is extremely easy to not see the warning and assume that certificate validation is occurring.