For Windows clients, it would be useful to disable the SSL certificate checks when using self-signed certificates. The code could easily be inserted in TWinHttpEngine.DoSend :
// Allow connecting to invalid/self-signed SSL certificates
AllowAllSSLCertFlags := SECURITY_FLAG_IGNORE_UNKNOWN_CA or SECURITY_FLAG_IGNORE_CERT_CN_INVALID or SECURITY_FLAG_IGNORE_CERT_DATE_INVALID;
WinHttpCheck(WinHttpSetOption(Req, WINHTTP_OPTION_SECURITY_FLAGS, @AllowAllSSLCertFlags, SizeOf(AllowAllSSLCertFlags)));