How to make my CouchbaseMobile iOS app use SSL?

My frustration is limited to trying to work with this forum software. For some reason it does not display correctly with Safari for me. I just downloaded Chrome, and I can now actually see ALL of the messages! And they don’t jump around while viewing them! :slight_smile: So I will just switch over to Chrome when I am here. If I seem frustrated I’m sorry for giving that impression.

I should have titled the post “How do I now secure my working CBL app” instead of focusing on SSL since SSL without authentication is useless, at least in my case. The initial answers from paulharter and pasin cover those two areas. I seem to now have working authentication, but now that I’ve been told about the authenticator property on CBLReplication I will replace my code with an AuthenticatorFactory and see if I can determine how to make that work since it will probably be supported in future versions of CBL.

So, currently, in my app, the certificate is evaluated and the resulting kSecTrustResultRecoverableTrustFailure aborts the process, likely because the host does not match. As mentioned above, AFNetworking doesn’t abort on this state and I expected similar behavior. It would be nice if CBL would report on this result instead of silently failing. Perhaps a logger for these kinds of issues would be useful to add one day?

I am currently setting up my OpenSSL as a Certificate Authority in the hopes that I can construct a certificate with “X.509v3 extensions” that doesn’t evaluate to kSecTrustResultRecoverableTrustFailure, but which passes the test. I hope that is my last hurdle.

And finally, to address your statement about “those of us not familiar with your application’s codebase”. I don’t see it that way, the issue is me understanding the CBL code base and how to use it. The ideal answer to my question would have been to direct me to a working sample that implements a secure environment. I can’t see any way around the need for good security solutions in the application space you folks seek to be targeting. Mobile devices live out in the wild and should not be sending data or credentials in the clear. Ever. At the very least you should have a whitepaper that covers this topic. If you don’t publish solutions for CBL, other people will, and who knows what they will suggest? If CBL didn’t claim to support some degree of security I would not have chosen to use it. Two weeks ago I knew nothing about SSL and authentication and since then I’ve read tons of incomplete and sometimes incoherent information on the web about how to secure mobile apps, some of it being outright wrong and potentially compromising security. If some frustration leaked out from my postings here, it comes from me expecting the people behind CBL to be very serious about security, but then, I’m a bit more paranoid about security than most devs, so it must be coming from that! :wink:

Cheers.
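The post above plans to issue a server certificate from a private OpenSSL CA with X.509v3 extensions and suspects a host mismatch. As an added example (not code from the post or from Couchbase Lite), this script issues such a certificate with a subjectAltName and uses `openssl verify -verify_hostname` to confirm which host names it matches. The CA name, the host `sync.example.test` and all file names are constructed placeholders, and it assumes an `openssl` binary on the PATH.

```shell
#!/bin/sh
# Added example. "Example Test CA", sync.example.test and all file names
# are constructed placeholders, not values from the post.

# make_pki DIR HOST: create a private CA and a server certificate for HOST.
make_pki() {
    mkdir -p "$1" || return 1
    # Minimal config so the result does not depend on the system openssl.cnf.
    cat > "$1/openssl.cnf" <<EOF
[req]
distinguished_name = dn
[dn]
[v3_ca]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
[v3_server]
basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName = DNS:$2
EOF
    # 1. Self-signed CA certificate: the anchor the client has to trust.
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 -sha256 \
        -config "$1/openssl.cnf" -extensions v3_ca -subj "/CN=Example Test CA" \
        -keyout "$1/ca.key" -out "$1/ca.pem" 2>/dev/null || return 1
    # 2. Server key and signing request.
    openssl req -new -newkey rsa:2048 -nodes -config "$1/openssl.cnf" \
        -subj "/CN=$2" -keyout "$1/server.key" -out "$1/server.csr" \
        2>/dev/null || return 1
    # 3. The CA signs the request and adds the X.509v3 server extensions.
    openssl x509 -req -in "$1/server.csr" -CA "$1/ca.pem" -CAkey "$1/ca.key" \
        -CAcreateserial -days 30 -sha256 \
        -extfile "$1/openssl.cnf" -extensions v3_server \
        -out "$1/server.pem" 2>/dev/null
}

# check_host DIR HOST: succeed only if server.pem chains to ca.pem and
# HOST matches a name in the certificate.
check_host() {
    openssl verify -CAfile "$1/ca.pem" -verify_hostname "$2" \
        "$1/server.pem" >/dev/null 2>&1
}

# Demonstration in a temporary directory.
demo_dir=$(mktemp -d) && make_pki "$demo_dir" sync.example.test
check_host "$demo_dir" sync.example.test && echo "sync.example.test: match"
check_host "$demo_dir" other.example.test || echo "other.example.test: mismatch"
rm -rf "$demo_dir"
```

The name in subjectAltName has to be the host used in the replication URL, and the client still has to be given `ca.pem` as a trusted anchor.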