It should be enough to click on the cacert.pem file to start Mozilla's "install root certificate" wizard.
When asked if you want to trust the new Certificate Authority, you need to click at least the "Trust this CA to identify web sites." box and click "Ok".
Download and double click the cacert.pem file and choose X509Anchors from the popup list. You can also open the "Keychain Access" application and they use "Import" in the "File" menu.
If Keychain Access fails you can also try installing it manually like this:
sudo /usr/bin/certtool i ~/Desktop/Download/cacert-2.pem v k=/System/Library/Keychains/X509Anchors
Someone said that in 10.2 you have to copy the X509Anchors file to a temporary file first to manipulate it, like this:
cp /System/Library/Keychains/X509Anchors $HOME/Library/Keychains/X509Anchors certtool i /path/to/cacert.pem k=X509anchors sudo cp $HOME/Library/Keychains/X509Anchors /System/Library/Keychains/X509Anchors
As documented in the Subversion Book, you can tell Subversion about the CA cert.
$ cd ~/.subversion $ curl http://ca.develooper.com/cacert.pem > develooper.pem cat >> config [global] ssl-authority-files = develooper.pem ssl-trust-default-ca = true EOF