Hey,
using the watcher.http.ssl.keystore.{path,password,key_password,algorithm} settings, one can also use a dedicated keystore for the http input/webhook action, which is also used as truststore, unless you are using shield, which uses it's own.
--Alex