Step 1- Generating Keys and Certificates
In order to generate the keys within Key Manager module, see the section: Generating New Keys while for importing keys in ADSS Server that are issued by third parties, see the section: Importing Keys. Note that keys you want to import MUST be in PKCS#12/PFX format. When generating/importing a key for OCSP response signing then select the key purpose "OCSP Response Signing". Keys held in a PKCS#11 device can also be used for OCSP response signing, see the section Crypto Source to configure and import the keys from it.
Once the key pair is generated then Public Key needs to be certified. It can be certified by creating the Self Signed Certificates and/or Delegated Certificates.
See also
Step 2 - Registering CAs
Step 3 - Registering Trusted CAs for OCSP Service
Step 4 - Configuring CRL Monitor
Step 5 - Using the Service Manager