Hey @enigmatic, welcome to discuss 
In case you haven't already, please take a look to the guide about using custom TLS certificates with Fleet: Configure SSL/TLS for self-managed Fleet Servers | Fleet and Elastic Agent Guide [8.4] | Elastic
Do you see the certificate error in the logs of the elastic agent running fleet server? Or this happens when trying to enroll an additional agent?
You may need to add the CA in Kibana, in the "Advanced YAML configuration" in "Management > Fleet > Settings", as described in this section: Configure SSL/TLS for self-managed Fleet Servers | Fleet and Elastic Agent Guide [8.4] | Elastic.