Certificates are used to authenticate the identity of a server by associating a public key with a particular server. A certificate is electronic confirmation of the owner of a public key, and contains other information, such as its expiration date. Two kinds of certificates are used: Self-signed and those signed by a Certificate signing Authority (CA).
A self-signed certificate is a certificate that you create and authorize yourself that has no official guarantees or authority in the real world. It is mainly used for intranet security.
This is a certificate that has been signed by a Certificate Signing Authority (CA). You only need this certificate if the ProxySG will be obtaining data through an encrypted source. CA certificates are also used to verify the client certificates that browsers can be configured to present.