Without giving a formal everything will be OK, I can attest that we do not force a specific root. We let the negotation do its thing. Policy Manager also has the ability to manage the certificate store so if a chain is missing by default it can be manually included on your part. I don't think is saw what version you were on but I would make sure you are on the most recent patch of 6.4 or 6.5.