The thing that you are doing doesn't disable ssl verification, it just disables verification of the hostname presented... it will still verify that the certificate presented comes via a trusted path, although the certificate can be for any host. You need to set up an sslcontext with an "accept all" trust strategy too, I'm thinking.

Thanks! let me try this and get back