Restricting the X.509 Authentication to a Specific Certificate Authority on Access Manager Appliance

I really need to set the restriction for x.509 authentication to single CA on Access Manager Appliance (single box) but it cannot be set thru Admin Console. It looks like some extension are missing on iManager GUI on appliance.
Just for note that, this can be set on non appliance Access Manager thru Admin Console.

Has anyone has encountered a similar problem?