The custom HTTP adapter disables SSL certificate verification by turning off hostname checks and setting verify_mode = 0 (which equals CERT_NONE).This insecure configuration can allow man-in-the-middle attacks.