Although one would like to be able to install the CA certificate in
/etc/grid-security/certificates and be done with it, unfortunately, there seem to be some files that hard code file paths to trusted CA's. One such file is the cog.properties file found in the user's ~/.globus/ directory. As necessary, the cacert= line needs to be updated to point to the new trusted CA certificate. Fortunately, this need only be done once in a great while (which is probably why it causes so much consternation; no one thinks to update it).