In order to accept the digital certificates as trustworthy by the ADSS XKMS Server, you need to register the CAs within the Trust Manager module that will be considered as trusted. This module can also be used to register other types of Trust Authorities (TAs) namely self-signed OCSP responders, CRL issuers and self-signed TSAs.

See also

Step 1 - Generate Key and Certificate
Step 3 - Configure CRL Monitor

Step 4 - Configuring XKMS Profile
Step 5 - Registering Business Applications
Step 6 - Using the Service Manager