Yahoo! Problem solved. I had to made myself into a trusted CA and sign my own certificate. Installed the root certificate into iOS and now Safari allows the websocket connection. Thank you for the pointer!
Unfortunately this didn't work for iOS Chrome, because it does not use the iOS certs, but its own certs, and apparently there is no way to add new trusted CAs to it
Update: It works under Chrome too, even if it don't trust the certificate. The key is that the certificate is not self-signed, and the CN matches the url. In this case, websocket connection works (after accepting Chrome's warning about untrusted connection)