Update HTTPs security check, when client is using HTTP just throw a warning on diagnostic #19527

Description:

Fixes: #19081

Part 2: https://github.com/matomo-org/matomo/pull/19549

Update HTTPS security check, when the client is using HTTP just throw a warning on diagnostic

reopen this issue, as we discussed, not to force users to use HTTPS at this stage, only a warning message. In the next stage, we will force HTTPS connections. Ref Here: https://github.com/matomo-org/matomo-security/issues/195

Review

• [ ] Functional review done
• [ ] Potential edge cases thought about (behavior of the code with strange input, with strange internal state or possible interactions with other Matomo subsystems)
• [ ] Usability review done (is anything maybe unclear or think about anything that would cause people to reach out to support)
• [ ] Security review done
• [ ] Wording review done
• [ ] Code review done
• [ ] Tests were added if useful/possible
• [ ] Reviewed for breaking changes
• [ ] Developer changelog updated if needed
• [ ] Documentation added if needed
• [ ] Existing documentation updated if needed

@justinvelluppillai Do I understand it correct that the purpose of this PR is to show the user a warning if ssl is not supported to either enable ssl support or enable a config option, that currently would only display another warning?

I guess that is meant to avoid possible issues for users when switching to ssl later, but actually that would only have a big difference if we wait a certain amount of time until we switch to ssl. Otherwise, if it would be to quick, users might directly update to a version where ssl is used and may have never seen the warning before. Guess we would need to do that with Matomo 5 then, where, on the other side, this "breaking" change could be directly implemented, without any prior notice. 🤔

Yes that's right, we want to release this as stage 1 which will just warn that soon HTTPS will be default, and then we wait a few months before making it default. Even if we could make it default already in Matomo 5.0.0 we want to give users some warning first, so the change to make it default could be Matomo 5.0.0 or 5.1.0 or even later. Of course some users might still update multiple versions and not see the warning but we will still show a system check at that point to help them.