You can configure Ivanti EPMM as a local certificate authority for the following scenarios:
Ivanti EPMM as an Independent Root CA (self-signed)— Configure Ivanti EPMM as an independent root certificate authority if you are using a self-signed certificate. Use this option if your company does not have its own certificate authority and you are using Ivanti EPMM as the certificate authority.
Ivanti EPMM as an Intermediate CA—Use this option when your company already has its own certificate authority. Using Ivanti EPMM as an Intermediate CA gives your mobile device users the advantage of being able to authenticate to servers within your company intranet.