In order to trust the digital certificate, does immediate CA cert also needs to be in trust store or root CA cert is enough?
You only need to trust the root CA, the intermediate (and other) certificates will be checked if they are signed by a trusted root CA, or a intermediate that is trusted by a root CA. If that root CA is trusted by you, all certificates signed with that will be trusted by you.
For example, when you have a chain [user] → [intermed-1] → [intermed-2] → [root], the verification is like this:
Does [user] have [intermed-1] as its "Issuer"?
Does [user] have a valid signature by [intermed-1]'s key?
Does [intermed-1] have [intermed-2] as its "Issuer"?
Does [intermed-1] have a valid signature by [intermed-2]'s key?
Does [intermed-2] have [root] as its "Issuer"?
Does [intermed-2] have a valid signature by [root]'s key
Since [root] is at the bottom of the chain and has itself as "Issuer", is it marked as trusted?
(snip from this answer)