This issue is good and also problematic.It’s awesome that Connect will reject private or self signed certs by default, but its problematic for HTTPS content filtering.
It seems that Connect doesn’t play well with certificates for local HTTPS proxies, I suspect. For example, the proxied traffic for Connect through AdGuard does not work correctly when HTTPS filtering is enabled.
While it can sometimes work for connecting to an instance and retrieving post lists, using the embedded Connect browser will absolutely not work for HTTPS sites. (It shouldn’t work in any situation, honestly.)
A work around, for when the instance connection itself works, is to have Connect use an external browser for all links.
Boring AdGuard documentation about what and how it functions for those who care: https://adguard.com/kb/general/https-filtering/what-is-https-filtering/
I have included some screenshots of what happens when I have my HTTPS filter enabled: