It seems that the installation script does not validate the SSL certificate. The comment is that executing scripts downloaded from the internet as root is a bad idea, and not validating the SSL certificate when doing so is awful.
Diana Klobukowska
5-16-17
Root command access will be by default deactivated and can only be turned on by the customer’s staff who have sufficient access.
Actually a new version of this bug is SL>>Reports>>Periodic customer statement "accumulates" amounts
Not sure why it was duplicated, I clicked "submit"only once....