I have written a module which manages storage of credit card information.
This module talks with the web server over SSL'd RMI calls and talks with
a bank (for payment authorization) over HTTPS. It acts as server and
client respectively.
For the S-RMI part, I start the module with -D switches to point out the
keystore, password and client certificate.
java \
-Djava.security.policy=conf/CreditModule.policy \
-Djavax.net.ssl.keyStore=conf/serverKS \
-Djavax.net.ssl.keyStorePassword=serverpasswd \
-Djavax.net.ssl.trustStore=conf/serverTS
ModuleInit
Once this is loaded in the memory of the JVM, the module looks at the same
certificate to authenticate the response from the bank and rejects the
bank's certificate with "SSLException: untrusted server cert chain". How
do I make the module differentiate between the two - use the standard
cacerts file to validate the bank's certificate and the client certificate
to authenticate the RMI client?
I use the following code to establish a connection with the bank:
java.net.Socket socket =
com.sun.net.ssl.HttpsURLConnection.getDefaultSSLSocketFactory()
.createSocket(new java.net.Socket(URL, URLPort), URL, URLPort, true);
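One way to keep the two trust decisions apart is to stop relying on the JVM-wide javax.net.ssl.trustStore for the outbound side and give the bank connection its own SSLContext whose trust manager is loaded explicitly from the JDK cacerts file, while the RMI server keeps using the -D keystore and truststore above. The following is an added example (not code from the original post) written against the modern javax.net.ssl API rather than the com.sun.net.ssl classes the post uses; the cacerts path and its default password "changeit" are assumptions, and BankSocketFactory, factoryFor and connectToBank are hypothetical names.

```java
import java.io.FileInputStream;
import java.security.KeyStore;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

public class BankSocketFactory {

    // Builds a socket factory whose trust anchors come only from the given
    // trust store. Loading the KeyStore ourselves matters: tmf.init(null)
    // would fall back to javax.net.ssl.trustStore, i.e. conf/serverTS.
    static SSLSocketFactory factoryFor(String trustStorePath, char[] password) throws Exception {
        KeyStore ts = KeyStore.getInstance(KeyStore.getDefaultType());
        try (FileInputStream in = new FileInputStream(trustStorePath)) {
            ts.load(in, password);
        }
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ts);
        SSLContext ctx = SSLContext.getInstance("TLS");
        // No key manager: this context only verifies the bank, it never presents
        // the module's RMI server certificate to anyone.
        ctx.init(null, tmf.getTrustManagers(), null);
        return ctx.getSocketFactory();
    }

    // Opens a TLS connection to the bank validated against the JDK's cacerts.
    // Assumption: cacerts lives at <java.home>/lib/security/cacerts with the
    // default password "changeit"; adjust for your deployment.
    public static SSLSocket connectToBank(String host, int port) throws Exception {
        String cacerts = System.getProperty("java.home") + "/lib/security/cacerts";
        SSLSocketFactory sf = factoryFor(cacerts, "changeit".toCharArray());
        SSLSocket s = (SSLSocket) sf.createSocket(host, port);
        // Verify that the certificate actually names the host we dialled;
        // trusting the chain alone does not check the hostname.
        SSLParameters p = s.getSSLParameters();
        p.setEndpointIdentificationAlgorithm("HTTPS");
        s.setSSLParameters(p);
        s.startHandshake();
        return s;
    }
}
```

If the bank is reached through HttpsURLConnection instead of a raw socket, pass the same factory to that connection's setSSLSocketFactory so the default (RMI-oriented) factory is never used for the outbound call.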