I wouldn't think of correcting you when I don't fully understand something.
To me, that says that NIU is asking you to accept them as a certificating agent (rather than Thawte, Comodo, et al).
All that tells me is that, when you accept NIU as a Certificate Authority (CA), you will not receive a warning (invalid CA) in the browser you've used to accept their CA. Nothing more.
To my reading, that only verifies my original impression that you are not exchanging certificates with your visitor, only disabling a warning for an invalid CA. If you need to transmit encrypted data between two sites, I think you should think about using PGP which will be a public key/private key encryption (in each direction) and you CAN setup your server to use PGP, too (although I've not done that nor have I looked into how to do that).