Accessing Caldav via https://mail.$domain.tld:2080 will serve the hostname SSL instead of the domain SSL.
This occurs due to the cpanel-ccs service not having an SSL for the mail subdomain present. The issue has now been solved and implemented in our product as can be seen in our changelog here:
Import TLS data for CCS.
[ root@server ~]# /usr/local/cpanel/bin/servers_queue import_tls_data_for_ccs
[ root@server ~]# /usr/local/cpanel/bin/servers_queue queue import_tls_data_for_ccs
Restart the cpanel_css service.
[ root@server ~]# /scripts/restartsrv_cpanel_ccs