Details
- Bug
- Status: Resolved
- Not specified
- Resolution: Fixed
- 8.10.10
- None
Description
The JWT security manager plugin uses libcurl to connect to an authentication server. When self-signed certificates are enabled, the plugin sets the CURLOPT_SSL_VERIFYPEER curl option to zero, but it should also set CURLOPT_SSL_VERIFYHOST to zero at the same time. Without that change, the certificate must include commonName information that is normally not included.