A server certificate is required for encrypted communication via TLS (Transport Layer Security) and MTLs (Mutual MTLS).
A server certificate uniquely identifies a server. The certificate must be issued on the server's FQDN (full qualified domain name) . The server certificate must be issued by a trustworthy instance. Certificates are configured in the Microsoft® Management Console (MMC) certificate snap-in.
The certificates used must be stored under Local Computer/Own Certificates and contain a private key. The Local Computer certificate store can be opened with the MMC console.