So,

Now we have issues with the fact that we are trying to use an OLD phone :) certiificates for most encrypted places don't work. I either have to use non-secured places or install root certificate. Both ways are OK, but I guess non-secure place is more reliable - what if phone lost correct date and time settings - certificate could be still invalid althought everything is installed.

So, for email I'll probably use Yandex for devices (smtp-devices.yandex.com) which is not secured and for HTTP forms I'll setup my own server.