Do we need to explicitly import the Trusted CA Certificates into the java keystore? If so, then why?
I can understand that we should always import the Self-Signed SSL certificates into the keystore, because they are not verified ones and java can't trust unless it's there in the keystore. But do we need to exercise the same thing even for Trusted CA Production Certificates?
Note: I'm using jdk v1.6.x.
I can understand that we should always import the Self-Signed SSL certificates into the keystore, because they are not verified ones and java can't trust unless it's there in the keystore.
In the trust store.
But do we need to exercise the same thing even for Trusted CA Production Certificates?
No. If the CA is already trusted by the Java truststore you don't need to do anything.