Choose between a self-signed server certificate and an actual server certificate

If you have selected option "Secure Web server (HTTPS)" during the preceding configuration step, you'll now have to specify which kind of server certificate to use.
A server certificate fulfills two purposes:
  1. Encrypt the data exchanged between the client and the server.
  2. Let the user be sure that she/he is connecting to the right server (i.e. not a malware impersonating the right server).
An ``actual certificate'' fulfills both purposes. However you'll need to purchase such certificate from a certificate authority such as VeriSign Opens in new window, Thawte Digital Certificates Opens in new window, Comodo Opens in new window, etc.
A self-signed certificate is free because it is automatically generated by controlapp. It is only useful to encrypt the data exchanged between the client and the server. On the other hand, some clients may refuse to connect to servers presenting a self-signed certificate. Also, most Web browsers will strongly discourage the user from connecting to a server presenting a self-signed certificate. (They'll do this by showing the user pretty scary messages.)
certificate.png