Yes, this is a bad problem we need to figure out.

seahorse is the GNOME tool for importing certificates. It also has no documentation on how to import a certificate, but you do it by selecting Files -> Import and then selecting a PEM file (presumably other formats are accepted?).  This brings up a confusing dialog "An application wants to access the certificate/key storage 'Gnome2 Key Storage', but it is locked." That's expecting your user account password, but there's no indication of that. Then once the certificate is imported, you've accomplished nothing because Gnome2 Key Storage isn't used for anything as far as I can tell, and seahorse doesn't let you move it to the Default Trust, which is where the certificate needs to go. So I think it's not currently possible without command line tricks, which would vary by distro anyway.

There's also User Key Storage and System Trust displayed on the seahorse sidebar beneath Certificates, but I can't figure out what these are for and there's no documentation. They're empty on my machine.

P.S. You'll see nothing at all unless you switch the view to Show All with the view menu. For some reason, trusted certificates are not shown even when Show Trusted is selected....

Bug #712719 is for the user experience issue.

As a workaround you can use the command line, something like:

$ sudo trust anchor /path/to/certificate.crt

But this requires p11-kit, which is new and probably doesn't exist at all on many of the distros we care about.

I added a not great page in b89065ad3de11dbad30afc0fb535fd1ff934851e. It will need updating when there is some proper, working certificate management (or if anyone can improve it).

The following fix has been pushed:
0200d9e Tweaks for the new certificate help page

Thanks! I made just a couple tweaks.

Created attachment 295787 [details] [review]
Tweaks for the new certificate help page