I wanted to add a cheap SSL certificate to my Mac OS X Mavericks 10.9.1 server. I purchased a Comodo PositiveSSL certificate for $9 from Namecheap.com. After generate the signed certificate request using the Server.app tool, I followed their directions and finally got the certificate. But after installing it, Server.app and Keychain both reported that “this certificate was signed by an unknown authority.” What gives?
Well, simply put, Mac OS X doesn’t recognize PositiveSSL as a certificate authority. So I needed to import their root certificate. Here’s how. In Keychain.app, search for your certificate based on the hostname that it’s assigned. Double click that cert, and scroll down to find the PositiveSSLCA2.crt. Click the link, which will download the cert. Then double click the downloaded .crt file and add it to your system keychain. Voila. All is well.