Establish PKI Services as an intermediate CA under the IdenTrust root

In the IdenTrust infrastructure, IdenTrust operates the root or top certificate authority (CA). All financial institutions are subordinate CAs that are certified by the root. Therefore, you must acquire a certificate for PKI Services that is signed by IdenTrust. You might need additional certificates issued by IdenTrust, such as for your OCSP responder. Request these certificates directly from IdenTrust following the operational requirements of IdenTrust.