Comment by lxgr
You can, but I find that much less secure than being able to TOFU a self-signed certificate:
I once did this, and besides being incredibly unergonomic, now I have to either securely destroy or safely store the signing key for the self-signed CA, or risk malware from performing an MITM against any app on my device, and not just e.g. the email client.
does iphone support name constraints on CA certificates? (https://systemoverlord.com/2020/06/14/private-ca-with-x-509-...)