Below, I'm describing a super-simplified scenario, just so I won't burden you with details.

If I write a client that communicates with a remote server over HTTPS, and if, during the TLS handshake, I use a custom X509TrustManager with a checkServerTrusted(...) implementation that simply checks whether the server's certificate exactly matches some pre-defined certificate, and I don't perform any other checks but simply return, will Java's SSL library still verify that the server owns the private key associated with the certificate? In other words, will Java check that the signature, sent by the server, is valid?

I'm expecting that Java will still validate the server's signature.
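
The setup described in the question, written out as an added example (not the asker's code; the class name `PinnedCertTrustManager` and the `contextFor` helper are hypothetical). The trust manager only decides whether the presented certificate is acceptable; the proof that the server holds the matching private key is part of the TLS handshake itself and is checked by the TLS implementation, outside this callback.

```java
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

// Hypothetical class: accepts exactly one pre-defined server certificate.
public final class PinnedCertTrustManager implements X509TrustManager {
    private final byte[] pinnedDer; // DER encoding of the only certificate we accept

    public PinnedCertTrustManager(X509Certificate pinned) throws CertificateException {
        this.pinnedDer = pinned.getEncoded();
    }

    @Override
    public void checkServerTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        if (chain == null || chain.length == 0) {
            throw new CertificateException("server sent no certificate");
        }
        // chain[0] is the server's own (leaf) certificate; compare it byte for byte.
        if (!MessageDigest.isEqual(pinnedDer, chain[0].getEncoded())) {
            throw new CertificateException("server certificate does not match the pin");
        }
        // Returning normally means "this certificate is trusted" and nothing more.
        // Expiry and revocation are not looked at here. Possession of the private
        // key is proven by the handshake (e.g. CertificateVerify in TLS 1.3),
        // which the TLS stack verifies against this certificate's public key.
    }

    @Override
    public void checkClientTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        // This trust manager is for client-side use only.
        throw new CertificateException("client authentication is not supported");
    }

    @Override
    public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0]; // no CAs: trust is by exact match only
    }

    // Builds an SSLContext whose only trust decision is the pin above.
    public static SSLContext contextFor(X509Certificate pinned) throws GeneralSecurityException {
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, new TrustManager[] { new PinnedCertTrustManager(pinned) }, null);
        return ctx;
    }
}
```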
