On production machines, the default self-signed SSL certificate will probably not be sufficient.
Instead, a certificate issued by a certificate authority (CA) may be
required. If the server will be accessed from HTTPS or FTPS clients external to the
organization (e.g. across the Internet) then a CA certificate is essential. Many
organizations already have CA certificates issued and centrally controlled. Otherwise, a CA
certificate must be purchased and installed, as described below.
There are three steps in obtaining and installing a CA certificate: