It was found that the internal TLS code in wget does not implement validation of the server's certificate.
Created wget tracking bugs for this issue:
Affects: fedora-all [bug 1595612]
Created busybox tracking bugs for this issue:
Affects: fedora-all [bug 1595680]
The support for https in busybox's wget was first added in version 1.23.0. The version of busybox in Red Hat Enterprise Linux 6 and earlier are based on older upstream busybox versions and do not support https at all.