It would be useful with an option to accept any TLS certificate of the server. User might only be using TLS for encryption.

But perhaps doing it the TOFU way, like tigervnc's vncviewer does it; if a certificate is not signed with a known authority (and some other errors), and it is not found in ~/.local/state/tigervnc/x509_known_hosts, when ask user about making an exception, and if user wants that then store the cert (its pubkey) in that file and continue connecting.