Here’s how I generated the CA:
# openssl genrsa -des3 -out my-ca.key 2048
# openssl req -x509 -new -nodes -key my-ca.key -sha256 -days 1825 -out my-ca.pem
I’m sure I’ll receive flak for how I went about it, but importing that pem into the “install certificates” bit of the settings works like a charm.
“Nonono, I was told it was Hamas!” 😐