Your server can use a Secure Sockets Layer (SSL) certificate to identify itself electronically and communicate securely with users’ computers and other servers on the local network and the Internet. The SSL certificate provides additional security for Profile Manager. These services can use the certificate to securely encrypt and decrypt data they send to and receive from apps on users’ computers.
You can assign certificate usage for all services you enable as a group, or you can designate specific certificate usage by service. You can designate whether to use a certificate, a self-signed certificate, or a signed certificate you obtained from a third-party CA.
A self-signed certificate is created for your server when you set it up. It has the name of the computer you designated during setup. A user’s apps won’t trust this self–signed certificate and will display messages asking if the user trusts your certificate. Using a signed certificate relieves users from the uncertainty and tedium of manually accepting your certificate in these messages. A man-in-the-middle spoofing attack is possible with a self-signed certificate but not with a signed certificate, so users can trust the services they access.