how do I update list of trusted root certificate authorities

Good background information and I can check some of those id numbers VS the certificate I need these Macs to accept.

But implies that OSX one gets one set of cert authorities per version and never updates at all, is that right?

Unfortunately In our situation I can't use any manual update method that only updates certificates for one user. We have a Lab on Active Directory and every user that logs in gets a fresh new user profile created on the Mac, also drives are locked down with DeepFreeze so it has to do that for every user every time they login.

The only way I can see this update working now after hearing OSX does not update certificate authorities is for our Lab to take DeepFreeze off and find a way of loading the certificate authority to the system key chain that all users share and make it Trusted there.

A frustrating and depressing prospect because if that doesn't work I have no options.

Thank you for your help but like I was saying it is a good certificate accepted everywhere. I'm not 100% sure what is new with it I think it is a new branch of the Comodo certificate authority that covers more types of certificates than they did before.

The only trouble I have with it is that ElCaptain does not recognize this authority name yet so originally I was hoping there was an easy way to have OSX update it's list of certificate authorities.

Thanks tho your info gave me a good direction to research and I have a prospective set of command lines to test.

About command line loading of certificates for all users but not authorities need to test

https://apple.stackexchange.com/questions/80623/import-certificates-into-the-sys tem-keychain-via-the-command-line

sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain <certificate>

https://derflounder.wordpress.com/2011/03/13/adding-new-trusted-root-certificate s-to-system-keychain/