Evergreen communicates with third-party vendor APIs using the new OpenILS::Utils::HTTPClient module. This module is configured using settings in opensrf.xml. The default settings should work for most environments by default, but you may need to specify a custom location for the CA certificates installed on your server. You can also disable SSL certificate verification on HTTPClient requests altogether, but doing so is emphatically discouraged.