Hi
To disable the HTTPs is not an option, because the client's browser block the connection when he open an SSL protection page. For example:
Client open "https://www.google.com" -> Controller redirect to CP "http://securelogin.arubanetworks.com" -> Client block insecure connection and neither the CP nor google will open.
To solve this issue, replace the certificate on the controller or instat with a one of yours, change the CP URL to custom one and add this in your internal DNS.
I hope that helps.