Gateway Error 526 Cannot implement Passthrough

Hi,
I have a case where the customer is using WARP to access 10.0.0.0/8 via cloudflared. When the customer accesses an internal resource that has a self-signed untrusted certificate, we get the 526 error.
I understand why I get the error (because the certificate is untrusted); however, I want to configure an allow policy with the action for untrusted certificates to pass through.

When setting up the policy I get the error “To use the untrusted certificate pass through action, upload and activate a custom CA certificate”.

I'm using the default Cloudflare certificate on the clients and don't want to use a customer certificate.

My questions:

  • Why can I not use the default CF certificate? (I think this is because the endpoint cert is not trusted by CF or the client)
  • How can I implement a fix that isn't a do not inspect policy?

Any insight is greatly appreciated.

Thanks