It seems Jami is not correctly verifying the SIP CA certificate. I can connect to a server with any certificate. In that case TLS encryption is worthless, because anybody can start a MITM attack. It’s really disappointing that there is no protection against that.