What about internal certificate servers? (if no self signed ones...)

Since my system was using self-signed certs, which expired today, and those are not allowed anymore, and my home network DNS (SplitDNS with Bind) won’t allow the systems check to pass for “Let’s Encrypt”, I am effectively down and unable to use this product anymore.

Now I also have a separate OPENSSL CA Root used internally by all my servers, I thought I could take the CSR and sign it with that, but when I provided the new CERT and CA chain, Mail-In-A-Box still says it’s self signed and refuses it.

How to I get MiaB to trust my local CA Root? I am kinda at an impasse here, this server is just for me, no one else. I just want my iPhone to get my mail securely with certs I made myself and trust.