diff --git a/CHANGES.txt b/CHANGES.txt index 2c51fd16..ccbf88e5 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -7,6 +7,10 @@ Unreleased - Added official Python 3.9 support. +- BREAKING CHANGE: The driver now verifies SSL certificates when connecting via + HTTP by default. Previously, this setting defaulted to false. This setting + can be changed via the ``verify_ssl_cert`` connection parameter. + 2020/09/28 0.26.0 ================= diff --git a/docs/sqlalchemy.rst b/docs/sqlalchemy.rst index fcf20df1..89d52391 100644 --- a/docs/sqlalchemy.rst +++ b/docs/sqlalchemy.rst @@ -105,7 +105,7 @@ the ``connect_args`` argument, like so:: When you do this, the Database API layer will use its :ref:`round-robin ` implementation. -The client does not validate `SSL server certificates`_ by default. To configure +The client validates `SSL server certificates`_ by default. To configure this behaviour, SSL verification options can be passed in via ``connect_args`` too:: diff --git a/src/crate/client/connection.py b/src/crate/client/connection.py index 33e3697e..0bd77bdb 100644 --- a/src/crate/client/connection.py +++ b/src/crate/client/connection.py @@ -33,7 +33,7 @@ def __init__(self, timeout=None, backoff_factor=0, client=None, - verify_ssl_cert=False, + verify_ssl_cert=True, ca_cert=None, error_trace=False, cert_file=None, @@ -62,7 +62,7 @@ def __init__(self, client used to communicate with crate. :param verify_ssl_cert: if set to ``True`` verify the servers SSL server certificate. - defaults to ``False`` + defaults to ``True`` :param ca_cert: a path to a CA certificate to use when verifying the SSL server certificate. diff --git a/src/crate/client/doctests/sqlalchemy.txt b/src/crate/client/doctests/sqlalchemy.txt index a3893d4a..90900e3d 100644 --- a/src/crate/client/doctests/sqlalchemy.txt +++ b/src/crate/client/doctests/sqlalchemy.txt 
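Review bot: In `src/crate/client/connection.py`, the new `verify_ssl_cert=True` default in the `__init__` signature has no visible test pinning it, and the hunk does not show how the value reaches the HTTP layer, because the body of `__init__` lies outside the hunk. The same signature accepts a ready-made `client`, so a caller who passes one presumably keeps whatever verification setting that client was built with, and the secure default would then cover only connections that build their own client; this should be confirmed against the body. If that is the behaviour, I would extend the docstring entry changed in the next hunk to say so, for example `defaults to True; not applied when a client is passed in`, and add a test asserting that a connection created without this argument verifies certificates. The docstring could also state which trust store is used when `ca_cert` is left as `None`, since deployments with self-signed certificates will now fail to connect until they supply one.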
@@ -32,7 +32,7 @@ The ``connect_args`` parameter has to be used to do so:: ... }) Engine(crate://) -As defined in :ref:`https_connection` the client does not validate SSL server +As defined in :ref:`https_connection` the client validates SSL server certificates by default. To configure this behaviour, SSL verification options can be given via ``connect_args`` too::