TLS verification defaults to OFF in CMake. Assuming the user system certificates are working, there can be a security benefit from a a global option for project TLS verification via CMake variable CMAKE_TLS_VERIFY. Meson build system uses TLS verification by default, warning if verification fails.
CMAKE_TLS_VERIFY allows a user to globally configure certificate verification.
In case of suspected broken certificates, verification can then be easily switched off temporarily.
We suggest near the beginning of the CMake project:
option(CMAKE_TLS_VERIFY "Verify TLS certificates" ON)
The user can override this default by:
cmake -Bbuild -DCMAKE_TLS_VERIFY=OFF
The example uses badssl.com, that purposefully has a variety of certificate problem URLs.