During Content Platform Engine to Content Platform Engine communication over a secure channel, one server acts as an SSL server. You must configure the Content Platform Engine as an SSL server if the Server Communication Certificate Validation Enabled property value is true.
The identity keystore stores the certificate that identifies Content Platform Engine server to SSL clients. The server truststore stores trusted certificates that the Content Platform Engine server uses when it is acting as a SSL client so that it can validate the identity of the server that it connects to.