Currently Spark is using DummySSLSocketFactory which doesn't validate certificates at all. It should be replaced with complex TrustManager which check validity of certificates.