Zero Trust - How to filter Web Socket traffic

Hi, I'm using an app (iray server) that uses the same port (9090) for the web UI dashboard and WebSocket to receive data for rendering. I was successful in putting the server behind CF's Zero Trust and using the public hostname to allow access to the web dashboard, but when trying to send data for rendering it fails. I've found this part of documentation but when I try to set this up I get an error "To use the untrusted certificate pass through action, upload and activate a custom CA certificate". I'm not on an Enterprise plan so using a custom certificate is not available to me. Is there any other way of filtering Websocket traffic or some better solution to filter it? Please let me know if I need to provide more info or clarify anything. Thank you!