Regarding the initial question, I experienced issues with a self-signed certificate on iOS14. I properly installed the Root CA (RSA4096/SHA512) from SettingsGeneralProfiles after downloading the public key on my iOS14 device. I enabled the Root CA to be trusted within SettingsGeneralAboutCertificates I tried to reach a website (via Safari) and a MS Exchange server (via Apple Mail). Both are using a certificate signed with the Root CA here above. But I was still receiving a message telling me the issued certificate is not trusted on my IOS14 device. I also tried to directly install the web server certificate (RSA2048/SHA256 valid for 3600days) issued from my Root CA in SettingsGeneralProfiles after downloading that public key... but still facing the same error. I managed to solve it using recommendations here: https://support.apple.com/en-us/HT210176 I now also use RSA4096/SHA512 for the issued certificate and set its validity to 825days. I added the FQDN to the Subject Alternative Name in addition to the usual Common Name