Validating SSL/TLS connections is security-sensitive. For example, it has led in the past to the following vulnerabilities:

* https://nvd.nist.gov/vuln/detail/CVE-2014-5531[CVE-2014-5531]
* https://nvd.nist.gov/vuln/detail/CVE-2014-5524[CVE-2014-5524]
* https://nvd.nist.gov/vuln/detail/CVE-2014-5574[CVE-2014-5574]

SSL/TLS protocols encrypt network connections. The server usually provides a digital certificate to prove its identity. Accepting all SSL/TLS certificates makes your application vulnerable to https://www.owasp.org/index.php/Man-in-the-middle_attack[Man-in-the-middle attacks (MITM)].