Please take a look at this code:
<?php
$url = "the_source_url";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);     // return the body instead of printing it directly
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); // certificate verification switched off (the risky part)
$result = curl_exec($ch);
print_r($result);
?>
This page is accessed by my Android app to get data from some source. The URL returns JSON data, which I print back; then, in my app, I process the data and display it. This is working fine for me right now (I'm still in the testing phase).
I read on SO that disabling SSL (which I did in line 6) is risky and not recommended. However, I couldn't make my script work unless I disable it.
How can I make it work without disabling SSL? Or how can I eliminate the risk?
Disabling certificate verification would make you vulnerable to a man-in-the-middle attack. You can download and use the certificate:
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);  // verify the server's certificate chain
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);     // require the hostname to match the certificate
curl_setopt($ch, CURLOPT_CAINFO, "PATH_TO_CERTIFICATE/cert.pem"); // the CA certificate exported below
To get the certificate, follow this guide:
Then click on “View Certificate”:
Bring up the “Details” tab of the certificate page, and select the certificate at the top of the hierarchy. This is the CA certificate.
Then click “Export”, and save the CA certificate to your selected location, making sure to select X.509 Certificate (PEM) as the save type/format.
Image source: http://unitstep.net/
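Putting the three options above together, as an added example that is not code from the question or from either answer: a PHP helper that fetches the JSON with verification left on and reports a verification failure so it can be fixed rather than silenced. The function name, the example URL and the CA bundle handling are assumptions.

```php
<?php
// Added example (not from the question or either answer): fetch JSON over HTTPS
// with certificate verification ON, and surface verification failures instead
// of hiding them with CURLOPT_SSL_VERIFYPEER = FALSE.
// Assumptions: $url is a placeholder; $caBundle is a PEM file you trust (the
// OS bundle, or the CA certificate exported as described in the answer above).

function fetch_json_verified(string $url, ?string $caBundle = null)
{
    // Fall back to the CA file PHP's OpenSSL build was configured with.
    $caBundle = $caBundle ?? openssl_get_cert_locations()['default_cert_file'];

    $ch = curl_init($url);
    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_SSL_VERIFYPEER => true,            // validate the chain against $caBundle
        CURLOPT_SSL_VERIFYHOST => 2,               // hostname must match the certificate
        CURLOPT_CAINFO         => $caBundle,
        CURLOPT_PROTOCOLS      => CURLPROTO_HTTPS, // never fall back to plain http
        CURLOPT_FOLLOWLOCATION => false,           // a redirect can't downgrade us either
        CURLOPT_TIMEOUT        => 10,
    ]);

    $body = curl_exec($ch);
    if ($body === false) {
        $errno = curl_errno($ch);
        $msg   = curl_error($ch);
        curl_close($ch);
        // errno 60 (51 on older libcurl) means the server's certificate did not
        // verify: wrong CA file, expired certificate or hostname mismatch.
        // Fix that on the server or in $caBundle; do not turn verification off.
        throw new RuntimeException("curl error $errno: $msg (CA bundle: $caBundle)");
    }
    $status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);
    if ($status !== 200) {
        throw new RuntimeException("unexpected HTTP status $status");
    }

    $data = json_decode($body, true);
    if (json_last_error() !== JSON_ERROR_NONE) {
        throw new RuntimeException('response is not valid JSON: ' . json_last_error_msg());
    }
    return $data;
}

// Usage (placeholder URL): re-encode the validated JSON for the Android app.
echo json_encode(fetch_json_verified('https://example.com/api/data.json'));
```

If the call throws with curl error 60 while the same URL works in a browser, the PHP process is missing the CA that the browser trusts; point CURLOPT_CAINFO at that CA's PEM file.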
You need to add the option CURLOPT_SSL_VERIFYHOST and set it to false:
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
This disables SSL host verification so that you can access a host which uses a self-signed certificate. If the host has a valid certificate, then check @Baba's answer.
Security considerations:
The connection is encrypted and can't be sniffed that easily. But you cannot make sure that the server is the server. So a hacker could sniff traffic using a man-in-the-middle attack. If you want to be sure, you'll have to go @Baba's way and import the certificate from the server.