
Role of cacerts file communication between two web applications


While studying PKI, I came across the cacerts file in Java, which I am not familiar with. I read information related to it via googling for a while but have not fully understood what role it plays in the following picture.

  1. Java web app "foo" is built
  2. "foo" is deployed to web server "A"
  3. a service provider "bar" is deployed to web server "B"
  4. "foo" needs to communicate with "bar" securely
  5. when "foo" initiates talks to "bar", a certificate from web server "B" is presented to web server "A"
  6. web server "A" verifies that the signer of the cert came from web server "B"
  7. if it is ok then "foo" can talk to "bar"

In this scenario (if I described it correctly), at step 6 does web server "A" use the cacerts file to verify the signer?


Solution

  • cacerts contains the Certificate Authorities (CAs) that are trusted. The cacerts file is a collection of trusted CA public keys (in the form of certificates).

    A and B's certificates are signed using a CA's private key.

    The certificate of B will specify which CA they were issued by and the public key of the CA can be used by A to verify that the CA did in fact issue that certificate (i.e. verifying the signature on B's certificate).

    A certificate chain will be built by doing the above recursively until it gets to a self-signed root CA certificate, and this self-signed cert has to be in the cacerts file for the verification to be successful.
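Added example (not part of the question or the answer above): a small Java program that plays the role of "foo" on server "A" for the scenario in the question, and performs the chain building the answer describes against cacerts explicitly. It assumes the hostname of "bar" is passed as the first command-line argument, that the trust store is the JRE's default cacerts under `${java.home}/lib/security/cacerts` with the default password `changeit` (or whatever `-Djavax.net.ssl.trustStore` / `-Djavax.net.ssl.trustStorePassword` point at), and that the host is reachable over HTTPS. The class name `CacertsCheck` and the helper names are the example's own.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.net.URI;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXCertPathValidatorResult;
import java.security.cert.PKIXParameters;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

public class CacertsCheck {

    // Load the trust store "A" will use: the JRE's cacerts unless the standard
    // javax.net.ssl.trustStore* properties override it. (Assumed default password: changeit.)
    static KeyStore loadTrustStore() throws Exception {
        String path = System.getProperty("javax.net.ssl.trustStore");
        String password = System.getProperty("javax.net.ssl.trustStorePassword", "changeit");
        if (path == null) {
            path = Paths.get(System.getProperty("java.home"), "lib", "security", "cacerts").toString();
        }
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, password.toCharArray());
        }
        return ks;
    }

    // Step 6 of the question, done by hand: build a certification path from the
    // chain "B" presented up to a self-signed root that is in the trust store.
    // Returns the root (trust anchor) that terminated the chain, or throws.
    static X509Certificate validate(List<X509Certificate> chain, KeyStore trustStore) throws Exception {
        List<X509Certificate> path = new ArrayList<>(chain);
        X509Certificate last = path.get(path.size() - 1);
        // Servers often send the root too; it is the anchor, not a link in the path.
        if (path.size() > 1 && trustStore.getCertificateAlias(last) != null) {
            path.remove(path.size() - 1);
        }
        CertPath certPath = CertificateFactory.getInstance("X.509").generateCertPath(path);
        PKIXParameters params = new PKIXParameters(trustStore); // trust anchors = every CA cert in cacerts
        params.setRevocationEnabled(false); // example keeps revocation out of scope; enable it in production
        PKIXCertPathValidatorResult result = (PKIXCertPathValidatorResult)
                CertPathValidator.getInstance("PKIX").validate(certPath, params);
        return result.getTrustAnchor().getTrustedCert();
    }

    public static void main(String[] args) throws Exception {
        String host = args.length > 0 ? args[0] : "example.com"; // assumed: hostname of "bar"
        KeyStore trustStore = loadTrustStore();
        System.out.println("cacerts holds " + trustStore.size() + " trusted CA certificates");

        // This is how a real "foo" uses cacerts: the TrustManager built from it rejects
        // the handshake with "bar" if the presented chain does not end in one of those CAs.
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);

        HttpsURLConnection conn =
                (HttpsURLConnection) URI.create("https://" + host + "/").toURL().openConnection();
        conn.setSSLSocketFactory(ctx.getSocketFactory());
        conn.connect(); // handshake happens here; an untrusted chain throws SSLHandshakeException

        // Chain as presented by server "B": leaf first, then its issuers.
        List<X509Certificate> chain = new ArrayList<>();
        for (Certificate c : conn.getServerCertificates()) {
            chain.add((X509Certificate) c);
        }
        conn.disconnect();

        for (X509Certificate c : chain) {
            String alias = trustStore.getCertificateAlias(c);
            System.out.println("subject: " + c.getSubjectX500Principal());
            System.out.println("  issuer: " + c.getIssuerX500Principal()
                    + (alias != null ? "  [present in cacerts as alias '" + alias + "']" : ""));
        }

        // Repeat the validation the TrustManager already did, but visibly.
        X509Certificate anchor = validate(chain, trustStore);
        System.out.println("chain anchored at trusted root: " + anchor.getSubjectX500Principal());

        // Same chain, but with no roots to trust: path building cannot reach an anchor.
        KeyStore empty = KeyStore.getInstance(KeyStore.getDefaultType());
        empty.load(null, null);
        try {
            validate(chain, empty);
        } catch (GeneralSecurityException e) {
            System.out.println("without the root in the trust store: " + e.getMessage());
        }
    }
}
```

Run it with `java CacertsCheck bar.example.org`. The first half is what step 6 looks like in practice: the TLS stack itself walks the chain to a root held in cacerts and fails the handshake otherwise, so "foo" never sees an unverified "bar". The explicit `CertPathValidator` call only makes that walk observable; note that it checks signatures and the path to a trusted root, while matching the certificate to the hostname is a separate check that `HttpsURLConnection` performs through its `HostnameVerifier`. Adding "B"'s own self-signed certificate, or the private CA that issued it, to cacerts (or to a separate trust store passed via `-Djavax.net.ssl.trustStore`) is what makes a private deployment pass this check.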