You are correct.
The workaround is to disable secure communications on the Plex server and the client.
Note: If you do so, you will have to access your Plex server via http://pms_ip_address:32400/web when using the web interface.
Plex Media Server: Settings → Network → Secure Connections = Disabled.
Plex Android app: Settings → Advanced → Allow Insecure Connections = Always
