Issue Description
Certificates are installing correctly into the system keychain, but are marked as not trusted.
Troubleshooting Steps
Ensure that the full chain of trust for the certificate has also been installed along with the desired certificate. The root and intermediate(s) certificates are required if the certificate chain includes them.
To view the certificate chain:
Open Keychain Access.app and select the untrusted certificate from the System Keychain.
In the menu bar navigate to Keychain Access > Certificate Assistant > Evaluate "<certificate name>"...
In the new pane that opens, keep "Generic (certificate chain validation only) selected and press Continue.
In the next window click the "Show Certificate..." button and you will be presented with the certificate chain.