2 years ago

#52085


benedick steve

How to query an mDNS-enabled server over HTTPS with Android?

I've got an issue trying to make 2 devices communicate over HTTPS on a LAN because of Android's lack of support for mDNS.

Put simply, I'm developing an Android app (the client) that'll send HTTPS requests to an IoT device (the server) on the same LAN. Both the client and server are meant to be on the same network (IPv4 LAN) with dynamic, DHCP-served IP addresses.

Problem is, the server uses a self-signed certificate for which the subject is set to its hostname (that is broadcast by mDNS). And because Android does not support mDNS, I can't find a way to reach my server using its hostname.local address. If I use the server's IP address directly (that I get by debugging the server), my app will obviously not trust the connection as the server's certificate does not reference the IP but only its hostname.

If my app were to run on an mDNS-enabled device, I know for a fact that I could just use https://server.local as the client trusts the Root CA of the server and, by inheritance, trusts its own leaf cert.

I've read that a "workaround" would be to implement an NSD listener in my Android app to retrieve the IP address of my server on the LAN. But it does not seem to solve my issue as I'm not really interested in resolving the hostname of the server: I just want to query https://server.local so that the app can trust the connection (because the server's cert only covers the hostname).

android

https

x509certificate

mdns

nsd
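
Added example, not part of the original post: the address a TLS client connects to and the name it checks the certificate against are separate inputs, so an IP obtained from NSD discovery can be dialed while the certificate is still validated for the `.local` hostname. This sketch uses plain JSSE; the class name, command-line arguments and CA file are hypothetical, and on Android `SSLParameters.setEndpointIdentificationAlgorithm` is assumed to be available (API 24+).

```java
import java.io.*;
import java.net.*;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.cert.*;
import javax.net.ssl.*;

public final class LanTlsClient {
    /** Builds a context that trusts only the given root CA certificate (PEM or DER). */
    static SSLContext contextTrusting(InputStream caCert) throws GeneralSecurityException, IOException {
        X509Certificate ca = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(caCert);
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        ks.load(null, null);
        ks.setCertificateEntry("device-root-ca", ca);
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        return ctx;
    }

    /** TCP goes to address; the certificate must chain to the CA and be valid for certHost. */
    static SSLSocket connect(SSLContext ctx, InetAddress address, int port, String certHost) throws IOException {
        Socket tcp = new Socket();
        try {
            tcp.connect(new InetSocketAddress(address, port), 5000);
            SSLSocket tls = (SSLSocket) ctx.getSocketFactory().createSocket(tcp, certHost, port, true);
            SSLParameters params = tls.getSSLParameters();
            params.setEndpointIdentificationAlgorithm("HTTPS"); // name check during the handshake
            tls.setSSLParameters(params);
            tls.startHandshake(); // SSLHandshakeException on untrusted chain or name mismatch
            return tls;
        } catch (IOException e) {
            tcp.close();
            throw e;
        }
    }

    // Usage: java LanTlsClient <root-ca.pem> <ip-from-nsd> <port> <hostname.local>
    public static void main(String[] args) throws Exception {
        try (InputStream ca = new FileInputStream(args[0]);
             SSLSocket tls = connect(contextTrusting(ca), InetAddress.getByName(args[1]),
                                     Integer.parseInt(args[2]), args[3])) {
            String req = "GET / HTTP/1.1\r\nHost: " + args[3] + "\r\nConnection: close\r\n\r\n";
            tls.getOutputStream().write(req.getBytes(StandardCharsets.US_ASCII));
            BufferedReader in = new BufferedReader(new InputStreamReader(tls.getInputStream(), StandardCharsets.US_ASCII));
            System.out.println(in.readLine()); // HTTP status line
        }
    }
}
```

If the handshake still reports a name mismatch with the correct hostname, check that the certificate carries the hostname as a subjectAltName DNS entry, since RFC 2818-style verification prefers SAN over the subject CN.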

0 Answers
