If the root CA that issues the intermediate certificates is not trusted then the intermediate certificates will be installed on the Mac system as untrusted. Centrify does not have a setting available to override this behavior, adding the root CA that issued the intermediate certificates will resolve the issue.