Hello @S Abijith Yes, it is mandatory to bind a server certificate (either self-signed or CA-signed) for an HTTPS server application to function as an HTTPS server. This is because HTTPS (HTTP Secure) is an extension of the HTTP protocol for secure communication over a computer network, and it widely used on the Internet.
In HTTPS, the communication protocol is encrypted using Transport Layer Security (TLS) or, formerly, Secure Sockets Layer (SSL). The protocol is therefore also referred to as HTTP over TLS, or HTTP over SSL
The principal motivation for HTTPS is to prevent wiretapping and man-in-the-middle attacks. The binding of a server certificate is necessary because it’s the way a server identifies itself to the client. The certificate doesn’t need to be valid, i.e., the certificate doesn’t have to be issued and signed by a CA that the browser trusts by default. However, if the certificate is not valid, the user will be warned about the insecure connection and will have to manually accept the risk and proceed.
As for your second question, there is no standard way for an HTTPS server application to run as an HTTPS server without using any server certificate. This is because the SSL/TLS protocol, which provides the security in HTTPS, requires a certificate for mutual authentication between the client and the server. Therefore, it is generally recommended to always use a server certificate when running an HTTPS server.
Also please read here: https://video2.skills-academy.com/en-us/system-center/scom/configure-https-binding-windows-server-ca?view=sc-om-2022 I hope this answers your question?