Turns out, if you just want to disable certificate validation altogether, you can change the ServerCertificateValidationCallback on the ServicePointManager, like so:
ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
This will validate all certificates (including invalid, expired or self-signed ones).