How to disable http security with xpack enabled

Hi, I am setting up on-premise elastic stack with xpack enabled.
As all the infrastructure is with in VPN, I would like to disable http security. But I am not able to use some features of xpack when http security is disabled. So, I am forced to enable http security.

And I had to configure the ca certificate in all the metricbeats to be able to communicate with elasticsearch. Is there any option to disable the ca certificate verification?

I tried with "xpack.security.http.ssl.client_authentication: none", but no use.

What would you like to use that you can't because of xpack.security.enabled being set to false?