Sure it is. The org insists on making your life difficult, and you just want to get your work done. If they really cared about security they would prioritise fixing stuff like this, but they don't, so you know they don't really care, it's just for show and a need for control.
And if they don't really care about security, why should you?
"http.ssl.insecure=true"
Is not a fix under any circumstance.