
I've read about corporate MITM 'attacks' where they replace the root CA on company hardware in order to monitor traffic over SSL that takes place on their network, but is it possible for them to do the same on my personal phone if I connect to the wifi?

I would think that since they do not have administrator access to the phone they would not be able to decrypt HTTPS traffic, but I would also think that this might be something the network administrator would be interested in trying to see.

2 Answers


First, it is not about replacing the CAs but about adding another CA, i.e. the proxy CA used for intercepting the SSL connections. They will not be able to add the CA to your private phone just because you connect to the Wifi.

But, as long as you don't have the proxy CA installed, SSL connections will simply not work for you inside the company network, because the certificates cannot be validated any more. It is not that they simply stop intercepting the SSL connections if the client does not have the proxy CA installed; instead they still intercept and leave the resulting problems to the client.

And it is usually perfectly legit that companies do SSL interception inside their own network to protect their infrastructure. SSL does not make web sites magically secure but only protects the transport. Malware can still be delivered by websites using SSL, either deliberately or, more commonly, because the site was hacked. If you don't like that your private phone is being monitored within the company's network, simply don't connect to it. This would probably be more secure for the company too, since it is one less possible attack vector to care about.


To add to Steffan's excellent answer, simply connecting the phone to the WiFi cannot, by itself, add a certificate (CA or otherwise). However, if you enable your employer's mobile device management (MDM) on your phone - which may be required in order to do things like access your company email account or connect to internal (intranet) web pages - then the MDM software may be able to install a root CA certificate.

The details of what MDM makes possible depend on the phone operating system and the MDM software used, but all major mobile operating systems support at least some MDM. On the other hand, just because MDM is in use doesn't mean that a CA certificate has been installed. MDM gets used for many other things as well. Among the most common are enforcing the use of a PIN on the phone, requiring that the phone's data be encrypted, and giving the company the ability to remotely wipe the phone if it gets stolen (or if you leave the company while there are sensitive documents on the phone, or similar).

To know what MDM your employer is using (if any), I suggest you take a look at the IT / helpdesk web site and see if you can find an answer. If not, try asking them about it. Alternatively, simply don't add anything from your employer to the phone - no certificates, no company email accounts, no company apps, etc. - and keep it as your personal device. You still might not be able to use the internal WiFi for TLS (HTTPS, etc.) if it requires a CA certificate, though...

  • +1 for the MDM part which is pretty important and missing in the accepted answer.
    – northox, Oct 18, 2015 at 15:30
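The two answers describe two different outcomes for a phone on the corporate Wi-Fi: without the proxy CA, certificate validation fails; with an MDM-installed proxy CA, validation succeeds even though the traffic is intercepted. A leaf-certificate fingerprint recorded on a network you trust (for example mobile data) tells the cases apart. The following Python script is an added example, not code from either answer; the host name and the reference fingerprint are supplied by the user, and the byte strings in the comments and test are constructed placeholders, not real DER certificates.

```python
"""Detect TLS interception by comparing the leaf certificate a network
presents with a fingerprint recorded on a network you trust."""
import hashlib
import socket
import ssl


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()


def assess(verified: bool, der_cert: bytes, reference_fp: str) -> str:
    """Classify one handshake.

    verified:     whether the local trust store accepted the chain.
    der_cert:     leaf certificate actually presented (server or proxy).
    reference_fp: fingerprint of the same host's leaf, recorded off-network.
    """
    same_leaf = fingerprint(der_cert) == reference_fp
    if verified and same_leaf:
        return "direct"                 # trusted chain, same cert as reference
    if verified:
        return "intercepted-trusted"    # a locally trusted CA (e.g. MDM-installed) signed a different leaf
    if not same_leaf:
        return "intercepted-untrusted"  # proxy CA not installed: the failure the first answer describes
    return "verify-failed-same-cert"    # same cert, so the problem is local (clock, missing roots)


def probe(host: str, port: int = 443, timeout: float = 5.0):
    """Connect twice: once only to grab the presented leaf, once verifying."""
    grab = ssl.create_default_context()
    grab.check_hostname = False        # must be cleared before verify_mode
    grab.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with grab.wrap_socket(sock, server_hostname=host) as tls:
            der = tls.getpeercert(binary_form=True)  # DER is returned even when unverified
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ssl.create_default_context().wrap_socket(sock, server_hostname=host):
                verified = True
    except ssl.SSLCertVerificationError:
        verified = False
    return verified, der


if __name__ == "__main__":
    import sys
    host, ref = sys.argv[1], sys.argv[2]   # ref: fingerprint recorded on a trusted network
    ok, leaf = probe(host)
    print(assess(ok, leaf, ref), fingerprint(leaf))
```

Certificates also change on legitimate renewal, so a changed fingerprint on its own is a prompt to re-record the reference off-network before concluding anything.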
