I'm unable to install an intermediate certificate on our server using fmsadmin CERTIFICATE IMPORT command, too.
Recently almost all intermediate certificate needs to be installed on the server. Please improve.
So... is anyone out of their turkey coma yet? I'm sure there must be someone running intermediate certificates on their Mac servers right? The last line below seems to indicate that's all I'm missing. For what it's worth, I have installed (by double clicking) the intermediate certificate file and installing it onto the System keychain. The Digicert SSL Checker gives the following information (names changed to protect the incompetent):
DNS resolves 'fms.ourdomain.org' to 184.108.40.206
HTTP Server Header: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/0.9.8za
Common Name = fms.ourdomain.org
Subject Alternative Names = fms.ourdomain.org, www.fms.ourdomain.org
Issuer = PositiveSSL CA 2
Serial Number = C4C26A7C4EE1232617E232AF8123456789
SHA1 Thumbprint = 7188AEB356D061637D6512B75B8DDF9123456789
Key Length = 2048 bit
Signature algorithm = SHA1 + RSA (good)
Secure Renegotiation: Supported
This certificate does not use a vulnerable Debian key (this is good)
SSL Certificate has not been revoked
OCSP Staple: Not Enabled OCSP Origin: Good CRL Status: Good
SSL Certificate expiration
The certificate expires July 25, 2015 (236 days from today)
Certificate Name matches fms.ourdomain.org
[IMG]https://www.digicert.com/images/icons/generic-server-cert.gif[/IMG] Subject fms.ourdomain.org Valid from 25/Jul/2014 to 25/Jul/2015 Issuer PositiveSSL CA 2
SSL Certificate is not trusted
The certificate is not signed by a trusted authority (checking against Mozilla's root store). If you bought the certificate from a trusted authority, you probably just need to install one or more Intermediate certificates. Contact your certificate provider for assistance doing this for your server platform.