This week's book giveaway is in the OCMJEA forum. We're giving away four copies of OCM Java EE 6 Enterprise Architect Exam Guide and have Paul Allen & Joseph Bambara on-line! See this thread for details.
You do not need keystore to establish SSL, since keys are assigned dynamically. However you need it to build a chain of CA, so cacerts used for this purpose. If you get no exceptions you can be sure thatyour connection is secure. You can always verify that by trying to connect to non secure site, or site using not CA signed certificate.