Malakai, the network passes down a certificate in the 1st phase of authentication. Your device tries to verify this cert, hence if you don't have the root on device, or device time is wrong, or cert has expired, you get the error you already get.

You are correct that this protects the user's password from sniffing. even when you don't have the cert, and don't verify, the connection still does get encrypted. The risk here is that someone could setup a rogue network and therefore see your password. Verifying is advised if at all possible