If HTTPS is used, the TLS/SSL certificate and key are needed. The Project Portal distribution package contains a test certificate, which should not be used in production because the certificate authority that has issued the test certificate is not publicly acknowledged.
The TLS/SSL certificate required is a x.509 certificate for Apache/mod_ssl, which should be signed by a party that is a trusted certificate authority in the browsers used to access Project Portal. The so-called super certificate or global server ID allow for older browsers to use strong encryption. By default, Project Portal requires strong encryption on TLS/SSL connections.
Usage of weak encryption can be technically allowed in Project Portal configuration, but is strongly discouraged because weak encryption is easily cracked.
The certificate can be installed at the same time with Project Portal or later. If the TLS/SSL key has a password, Project Portal cannot be automatically started since the password has to be typed each time the Project Portal web server is started. Thus, the server should be secured and the server key should be readable by the root user only.