In case it’s helpful, Clint’s post on another thread has instructions on how to generate a valid self-signed certificate via PowerShell, and if using that self-signed cert, you’d likely need to install that certificate on each device.
I used their instructions specifically because I ran into the “ERR_SSL_KEY_USAGE_INCOMPATIBLE.” error when accessing Epicor via the web UI and/or REST.