The answer is YES! You can have multiple intermediates link to a single smallstep team.
Option 1: Create multiple provisioners per authority
- Most commonly, smallstep users simply create multiple provisioners per authority. This approach allows smallstep to generate certificates for different use cases WITHOUT needing multiple authorities. This can mean less management and can still be reached by all endpoints.
Option 2: Create multiple authorities in smallstep
- If you really need distinct intermediates with distinct root certificates, you will need to create multiple authorities. An authority can only sign as a single intermediate or Root.