One issue in particular is that users have no way to tune the SSL context to accept self-signed certificates, for instance. But I'm sure there are plenty of other limitations.

I thing we should provide a way for users to alter the options of the HTTP client directly. Something like an option containing the name of a class that will act as a callback, maybe?
It will be easier to implement if we switch to the official Elasticsearch REST client, since it already provides a way to use such callbacks: https://github.com/elastic/elasticsearch/blob/b23464403547743e5a797b3b3d4615b9b1dbf32b/client/rest/src/main/java/org/elasticsearch/client/RestClientBuilder.java#L121