There is an option in the settings called "Ignore certificates" which should help you do what you want to.
I've looked into this in the past and remember not being able to check against the system CA store for some reason.

Yes, the option "Ignore certificates" works - but it's the wrong solution. I still want to check my certificate, ignoring it makes the communication vulnerable to MITM attack - at this point one could just use plain HTTP, which also saves on the encryption overhead.

Yes I know and it's on the roadmap, but the app is in beta and this is a quick but dirty solution to the problem.

You're welcome to submit a PR.

It looks like this is the issue:
dart-lang/sdk#50435

Basically, the SDK doesn't follow the system trust store.

The "fix" is to use another HTTP client (platform-specific) that respects the system CAs:

  http.Client get httpClient {
    if (Platform.isAndroid) {
      final engine = cronet_http.CronetEngine.build(
          cacheMode: cronet_http.CacheMode.memory, cacheMaxSize: 1000000);
      return cronet_http.CronetClient.fromCronetEngine(engine);
    }
    if (Platform.isIOS || Platform.isMacOS) {
      final config =
          cupertino_http.URLSessionConfiguration.ephemeralSessionConfiguration()
            ..cache =
                cupertino_http.URLCache.withCapacity(memoryCapacity: 1000000);
      return cupertino_http.CupertinoClient.fromSessionConfiguration(config);
    }
    return io_client.IOClient();
  }

I'm sorry for not getting back to you sooner, I've been super busy at work and other projects! Yep, that looks like a good solution. I'll try it out and let you know.
We've had a bunch of changes of the http client due to that exact reason, but I'm happy to switch once again if this fixes it.