To trust a new certificate, add the certificate to the $JFROG_HOME/<product>/var/etc/security/keys/trusted directory of every service that needs to trust it.
Alternatively, you an also add the certificate to each application's key store. For example, to add a certificate into the JFrog Artifactory key store, you can add it directly to the host's JVM's trusted KeyStore.
You need to restart the Artifactory service for the new certificate to take effect.
For HA setup, you need to add the certificate to every node's trusted directory or the keystore. The certificates are not propagated between HA nodes automatically.