I was glad to see this wasn't just a problem I was having; it would have taken me too long to guess that the accounts would need to be deleted and re-added.
There was an additional hitch for me, which I'm posting in case anybody else has problems: even after deleting and re-adding all my DH accounts, I still didn't get the "Trust" button. This was because I had my DH mail server lingering in the list of SMTP servers (from a previous round of email-wrestling). Once I removed it — by going into the list of SMTP servers via a different (non-DH) account, and deleting it there — I was able to re-add my DH accounts and get a "Trust" option.
Between the instructions, the odd Apple choice to not provide a "Trust" button, and the rarity of having to do this sort of thing, this problem ate up an insane amount of time. I hope it's faster for the next folks who find this post — or that a simpler method is available the next time the certificates change.
[Edit: I forgot to mention: iPhone 6S running iOS v10.2 (14C92).]