From my experience with how the inners of APKs work, basically there is a link or a web request in the apps somewhere that is requesting a secure link. That warning is saying that the server that is hosting that secure link is using OpenSSL. I couldn't help you more otherwise. The only thing I could suggest is look at the exported code, both from Construct and from XDK, and see where there are request to any HTTPS links. You would have to investigate what those links are used for, where they are connecting, etc...