There’s usually no good reason to turn off SSL certificate check. So this is actually wrong in many ways, but maybe we’re still developing in an isolated dev environment and somehow the dev machine of another application you’re depending on only allows SSL connection even though it doesn’t have a valid certificate. The correct solution is actually to self sign a certificate or add it in the system, so that if your application go live, you will still have ssl certificate check turned on.