I've imported some X.509 certificates in Kleopatra from a pfx file, but they're all listed as "Not certified." The option to certify them is grayed out. How can I certify these certificates?

The problem seems to be that X.509 certificates can't be certified, only PGP certificates can. I'm still unable to use the certificates for signing or encryption since they're marked as "not trusted" by Kleopatra and Kmail. Thunderbird is able to use them for email signing and encryption without any problems, and Vivaldi, Chrome, and Firefox (and, on Windows, Edge and Internet Explorer) are all able to use the signing certificate for authentication without a problem.