Before continuing with this TLS guide, please scroll up and choose an TLS certiciate provider (ideally both) and download their certificates.
Download the CA certificate file provided by the authority.
Once downloaded, double-click the file to open it, then select the Install Certificate option.
Choose to place the certificate in the Trusted Root Certification Authorities store, and follow the prompts to complete the installation.
Download the CA certificate file provided by the authority.
Open the file, which will launch the Keychain Access application.
In the dialog that appears, select System as the destination keychain, then click Add.
After adding the certificate, right-click on it within Keychain Access and choose Get Info.
Under the Trust section, set "When using this certificate" to Always Trust.
Google the instructions for your specific distro and networking daemon, as these instructions vary vastly.
Generally speaking though, you should copy the certificate to /usr/local/share/ca-certificates/ (Debian-based systems) or /etc/pki/ca-trust/source/anchors/ (Red Hat-based systems).
After copying, update the certificate store by running sudo update-ca-certificates (Debian-based) or sudo update-ca-trust (Red Hat-based).