Not sure if you already solved your problem...
But i want to share my findings on this topic.
I played with signatures and encryption on OS X some years ago.
At that time i used certificates from Thawte and it worked quite well ( after some trial and error ).
I could sign and encrypt messages between OS X clients ( mail, thunderbird ) and windows clients ( thunderbird ).
So now that i have some expensive iOS equipment ( iPad, iPhone, ... ) i wanted to see if S/MIME signing and encryption is possible between these machines.
Since Thawte is no longer providing free email certs i choose comodo.
I did some trial an error on requesting and collecting the certificate with both safari and firefox. It somehow worked and somehow not...
Then i came across this nice Howto article :
http://www.hoylen.com/articles/it/email/security/cert-comodo.html which helped me a lot.
I followed the steps explained there and managed to get signature and encryption of messages working on a macbook pro runnning ML and an iPad 2 running iOS 6.01.
Here are some things that caused trouble and confusion for me :
use of the browser for the request and collection of the cert
Some years ago it was not possible to collect and export the certificates with safari. You had to use mozilla/firefox to do this, because in safari there was no way to export the private key that was generated during the process.
It is possible now to collect the cert with safari and it wil be in the keychain after you collected it, so will be the private key ( with no name ! ).
In any case, request and collection of the cert has to be done with the same browser!!!
So my smart idea to request with firefox and collect with safari didnt work.
I personally prefer collection with firefox because it gives me thze possibilty to check the whole process and i like to import the .p12 file ( exported from firefox ) into an empty keychain so i can check what is in the package.
"moving" the certificate to the iOS device
Right now it seems that there are ( at least ) two options to bring the cert/key package to the iOS device.
- making a profile ofr the device with the cert/key included
- sending the cert/key package as a mail attachment
I used the latter one with success. Instead of exporting it from the keychain ( which i did before with some success ) i choose to mail the firefox exported ( see link above ) .p12 file to myself. After opening the attachment and providing the password my iPad added that as a profile.
This profile showed in the General->Profiles-> section of my Settings.
As the Original Poster mentions this profile is listed as "Not Trusted" ( in red color ).
I did not care and went on to my @me.com account in the Mail settings section.
There at the Account->Advanced->Advanced settings i switched on S/MIME and Sign and checked my cert under the Certificate section of Sign. It showed the certificate of my email adress as "Trusted" ( in green color ).
Under the "More Details" tab it showed 3 certficates, one of them my freshly collected email cert.