The connections never got past TLS negotiation so there is no chance that a well-known URL or a redirect could have been given by the server and there are none defined on that 12345 port URL hierarchy anyway. Also there are no related SRV records in the DNS.
I tried again and looked a bit further into the data streams. It looks like the server configuration had limited cipher suites so that no common suite was found between DAVdroid and the server on port 12345. The client tried twice, both times ending in the server sending a TLS alert due to cipher suite mismatch. After that I see a DNS SRV query for _carddavs._tcp.server.name.here.invalid which is answered with no such name (nxdomain). Immediately after that traffic to port 443 starts and the note about invalid server cert on port 443 is shown. The cipher suite configuration on port 443 has been compatible enough all the time, so a handshake to that port goes far enough to return the certificate.
I loosened up the acceptable cipher suite list on the server on port 12345 enough to include a cipher suite sent by DAVdroid in the client hello and now it works. Pretty weird / misleading user experience.
Anyway thank you for your work on DAVdroid! Not having native DAV synchronization is a significant deficiency in Android, DAVdroid seems to be filling that gap nicely.