SelfSigned Certificate Installation

Currently we have installed verisign certificate in IS, it is getting expired in another 20 days, we have planned to replace verisign certifcate with self signed certifcate.

when we gave CSR to Verisign they gave back us with 3 certificates ,like
clientCert → Verisign_Intermediate_cert->Verisign_Root.

Current setup in IS,
Server’s Signed Certificate: config/certs/keys/ClientCert.der
Signing CA’s Certificate: config/certs/ca/Verisign_Intermediate_cer.der
Server’s Private Key: config/certs/keys/private_IS.der

But for selfsigned certifcate we have received only one certificate from our internal security team, like Cert_SelfSigned.der

when i double clicked the certifcate in windows,i can see the message in
Certification Path->Certificate Status
“This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store”

now i have privatekey.der and Cert_SelfSigned.der.

Kindly suggest

  1. How to determine the given certifcate is CA or client certificate.
  2. How i need to configure it in IS
  3. How to check the certifcate is valid and distribute it to partners.

Thanks in Advance.