Once you receive your SSL certificate and other intermediate.crt certs files, you need to put this back in the Server.app replacing your self signed certificate if you had one.
Just drag and drop the server.youdomain.com.crt to the spot
You should have also received some intermediate and root crt files - these need to be dragged into the system keychain on the server.
Finally set your CA Certificate as the certificate for the server from the dropdown. This can be done for every service or custom for each so if you have multiple certs assign the correct one to the services ical, ichat, mail and web.
You can confirm the certificates validity by examing it in Manage Certificates and seeing the line of trust, now your users can seemlessly connect and exchange with added security.
