Unify Endpoint security_protocol and verify_ssl usage

[agrare]

We have a somewhat confusing mixture of Endpoint#verify_ssl and #Endpoint#security_protcol in use by various providers.

Typically providers which only accept verify_ssl [VERIFY_NONE, VERIFY_PEER] have no option for non-ssl.

security_protocol commonly has options of: ['ssl-with-validation', 'ssl-with-validation-custom-ca', 'ssl-without-validation', 'non-ssl']

We should ensure we are using these fields consistently across providers and where possible add utility methods to build URLs into the base class in cases where that logic is duplicated in provider methods.