How to disable certificate validation when access an HTTPS registry

From https://docs.docker.com/registry/insecure/

With insecure registries enabled, Docker goes through the following steps:

* First, try using HTTPS.
  * If HTTPS is available but the certificate is invalid, ignore the error about the certificate.
  * If HTTPS is not available, fall back to HTTP.

However, when I add an IP address into “insecure-registries” and access the registry by this IP, it seems that it use HTTP directly and got the error:
(env) ➜ .docker docker pull 10.10.10.10/project1/service1:v1
Error response from daemon: Get http://10.10.10.10/v2/: net/http: request canceled (Client.Timeout exceeded while awaiting headers)