The correct method to create trust between a Gateway and Security Management Server is the Internal Certificate Authority. This authority issues certificates that are used to establish and verify trust between devices within the network. One-time passwords and tokens are typically used for temporary, user-specific authentication rather than for establishing long-term trust relationships in network security.