[wp381640]

I hope the second is never changed - it’s 2020, time to start authenticating the servers you’re downloading and executing code from

Internal doesn’t mean secure

[MrOxiMoron]

Have to agree, and if it is truly internal why are you doing SSL?

[zzzeek]

SSL for internal services seems to be becoming common these days and that's not a bad thing. Corporate/institutional information warfare is becoming a pretty big deal now (see all the US hospitals being infiltrated) so hardening on the inside to at least slow down an internal threat is not a bad thing at all.