While I agree it has to do with the cert chains and probably specific to Comodo, the fact still remains that the other Moodle versions on that same server ... 3.1, 3.2, 3.3 do not report that issue when setting up mobile access. So there has been a change to 3.4 setup of mobile. I can't come to any other conclusion.
(not that I'm arguing with ya ... more like venting!)
The OS is kept up to date (CentOS 7) ... am pretty religious about not waiting for updates to build up and normally acquire them very soon after announcements are made by CentOS. While I had been keeping an eye on openssl updates I hadn't been keeping up with ciphers ... that's correct now. I don't re-call ever seeing any update to ca chains/certs.
Did find this:
How to reset trusted CA's in CentOS 6 and 7 - for anyone else seeing the same thing with a CentOS 7.
and have stepped through it all ... no change to the 3.4 notice.
Wish I could talk directly to Comodo, but don't think they'll cooperate as I don't work for the organization and therefore can't speak for them nor to the global cert setup. Organization, BTW, uses the same global cert for their web site ... WordPress.
Running SSLLabs test on entities web site shows no issues just like the server where the moodles are hosted. Have run Comodo's analyser on host where moodles are hosted ... no issues reported. That one shows 'trusted by Microsoft' and 'trusted by Mozilla'. But not trusted by Moodle 3.4?
The chances of finding someone in these forums running Comodo with a global cert are probably pretty slim (to none) - definitely not the same domain.
Not an abnormal situation for me ... so I'll continue to investigate. If/when I arrive at a solution am thinking about keeping it a dark secret! ;)
And a comment ... if past environment checks means future for Moodle ... the https check. Am wondering if that will be come a requirement. Am not against that ... just curious ... not that anyone from Moodle HQ will respond to that.
'spirit of sharing', Ken