From the PKI Services Manager console, click Revocation.
Under Search order to use for revocation, select "OCSP responders".
Under OCSP certificates, click Add.
Specify a certificate that can be used to sign the OCSP response. This is needed only if the OCSP response does not include the certificate of the signer.