Why are developers frequently disabling certification validation in their software? Is it because they are lazy or just plain imbecile? We decided to find out by writing examples to demonstrate certificate checking in as many languages as possible. We found that it was difficult to do properly in the best of libraries, and had catastrophic failure in anything less. There are even a few instances of the libraries built in functions getting it horribly wrong.