The required feature described as a wish

For internal traffic, it is common practice that HTTPS/TLS is used, but:

• the TLS certificates are often self-signed, or issued by an internal CA (not a public one like Let’s Encrypt).
• Sometimes services just use the server’s IP address instead of a DNS name.

Disabling SSL certificate and hostname verification increases compatibility, allowing CloudStack to interoperate with a wide range of hypervisors, networking equipment, and storage devices. This behavior is intentional by design, to ensure broader support across diverse environments. For example,

• Connect to Vmware vCenter
• Connect to Xenserver
• Connect to some external storage or network devices

We could provide more flexibility and also stronger security, including but not limited to

• Allow users to bring their own SSL certificates
• Support host name (DNS) instead of host ip in SSL communication
• Add an option for enforce SSL certificate verification
• Add an option for enforce hostname verification