I need to trust a client certificate on my tomcat, I have added both the root (verisign) and customers domain certificate to the server truststore and it works fine and accepts the client connection.
Now the question is, does adding the root verisign cert to the truststore accept anything signed by that verisign cert? Or would that only be the case if I added it to the cacerts? Is it safe to leave it in the truststore?
I am using tomcat 6 and java 1.6 on linux
Thanks