Hello,
Can you give some details about the Terminal command you used to do so ? I search but didn't find one.
On OSX 10.11, the following command fixes everything : sudo security -v add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain isrg-root-x1-cross-signed.pem
In last couple of days, I explored a lot of solutions. The best one I found is to use offline activation/deactivation.
In brief, I wrapped TA_Activate() so if it returns TA_E_INET_TLS, it falls back to offline activation (I automated everything with a PHP script and TurboActivate's web API). I tested this solution a lot, and it's fine.
My emergency solution was to use TA 4.0.9.6 that doesn't have the certificate issue, but it's risky. At least, it bought some time to find a better solution.
Best. Philippe