i am facing similar problem
you cannot deploy it via GPO as it puts it a) in the computer certificate store while it should go in the personal certificate store (cisco documentation does not mention this at all) or at least that is where it goes when a user accepts the self signed certificate when starting up the jabber 9.2.5 or 9.2.6 client
check out this discussion
https://supportforums.cisco.com/thread/2244884
one user suggest adding it using certutil command on the server but i have not figured out how to do this
i actually created new certificates on my enterprise CA and 2 are accepted fine but i seem to have problems with the CTI setup as i need to manualy trust those SSL certificates (and as they are enterprise CA certificates i cannot place them in the enterprise trust store as they are already trusted so i am in catch 22 situation.