Agree that this should be included in the CTT, but it will not be the only aspect of certificate configuration required for the CTT. The CTT needs a large variety of certificates to be trusted on the server being tested, a commercial GDS is not designed for pushing the variety of certificates we will need.
If we add GDS functionality to the CTT then it could be it's own GDS. This might be able to handle more of the required items and it could also be used to facilitate testing of the GDS functionality.

The idea was to have an action (manual menu command or automatic) in the CTT which copies the certficates into the server by writing the TrustList file object in the servers address space. No GDS required in this case, although the GDS would also use this method in push configuration. The CTT would need to be able to serialize the TrustList, i.e. support the TrustListDataType.

assigned for investigation to start with.

Initially create a list of certificates which can be pushed via the certificate management, also check which ones could be pushed when switching from self-signed certificates to issued certificates. For example when changing the certificate with the invalid signature or invalid field combinations we don't do that on a self-signed but on an issued certificate. In this case the trust list check should succeed because the CA would then be in the trust list.