Hi Aditya,
I'm not quite sure, what you refer to by
Aditya Bhosarekar wrote:
...
Regarding CA certificate...should it be self signed or CA signed?...
the certificate of the root CA is always self singned. Only intermediat CAs are signed by the root CA.
I do not remeber any occurence where self signed certificates did not work, however they may not make sense. Depending on the use case, you may have to add each and every self signed certificate to the list of trusted sites fr the chain verifier to accept them, which may not make sense. So if you only have one connection and there won't be more in the future you can always use self singed certs only. Everything else depends on the scenario.
In the case of OASIS Webservices, it is even not uncommon to use self signed certificates on the consumer side to authenticate at the provider.
Regards,
Patrick