TLS :server: In state :certify received CLIENT ALERT: Fatal - Certificate Unknown

This error indicates a client tried to connect but refused to complete the TLS handshake because it didn’t trust the server’s certificate. This is expected: when using a self-signed certificate you should disable certificate validity checks in the client. Your server configuration is fine, it is working as expected, and no amount of parameter tuning is going to make a difference.

What to do on the client side depends on the client you are using. With curl you can pass the -k parameter, for instance, so curl -k https://my-app.local/ should succeed.

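The failure described in the answer above can be reproduced locally. This is an added example, not part of the original post: it starts a throwaway self-signed server and compares curl's default validation, `-k`, and trusting that one certificate with `--cacert`. The port, the temporary paths and the use of `openssl s_server` as a stand-in server are assumptions.

```shell
# Added demo, not from the original post. Port, temp paths and the stand-in
# server are assumptions. Prints three curl exit codes, in this order:
# default validation, -k, --cacert.
self_signed_demo() (
  port="${1:-8443}"
  url="https://my-app.local:$port/"
  resolve="my-app.local:$port:127.0.0.1"   # avoids needing a hosts entry
  dir=$(mktemp -d) || exit 2

  # Throwaway self-signed certificate (constructed test material).
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=my-app.local" -addext "subjectAltName=DNS:my-app.local" \
    -keyout "$dir/key.pem" -out "$dir/cert.pem" 2>/dev/null || exit 2

  # Stand-in TLS server; -www makes it answer HTTP requests with a status page.
  openssl s_server -accept "127.0.0.1:$port" -www \
    -cert "$dir/cert.pem" -key "$dir/key.pem" >/dev/null 2>&1 &
  pid=$!

  # Wait until the listener accepts connections.
  for i in 1 2 3 4 5; do
    curl -ks -o /dev/null --resolve "$resolve" "$url" && break
    sleep 1
  done

  rc_default=0; rc_insecure=0; rc_pinned=0
  # 1. Default validation: curl rejects the unknown issuer (exit code 60);
  #    this is the client behaviour behind the server-side alert.
  curl -s -o /dev/null --resolve "$resolve" "$url" || rc_default=$?
  # 2. -k: validation skipped, any certificate is accepted.
  curl -ks -o /dev/null --resolve "$resolve" "$url" || rc_insecure=$?
  # 3. --cacert: validation stays on, with this certificate as the trust anchor.
  curl -s -o /dev/null --resolve "$resolve" \
    --cacert "$dir/cert.pem" "$url" || rc_pinned=$?

  kill "$pid" 2>/dev/null || true
  rm -rf "$dir"
  echo "$rc_default $rc_insecure $rc_pinned"
)
```

Both `-k` and `--cacert` let the request through, but only `--cacert` still fails if a different certificate is presented for the same host name.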