@barry-scott thanks, but that’t not an answer to the original (and my) question.
It used to be that you could tell OpenSSL to use the self-signed certificate as a root certificate by configuring this one cert as the CA cert list. It looks to me that OpenSSL does not allow that anymore? If that is indeed the case, a very common use case for self-signed certificates would be blocked, as Maxim pointed out.
I do not want to create my own CA and start managing certs and CA config all over the place. I just want to configure the one client I have to trust the cert that this one server has. It used to be simple to do that.