Agreed with Bubba. If you were going to expose port 6080 to the web you'd want a CA cert for your GIS Server, but since you're exposing the GIS Server via the web adaptor you can set up a CA cert for the web server and be good. I generally create a new self signed certificate using the ArcGIS Server admin API using the application server's hostname as the CN instead of using the one that ships with the GIS Server. I also recommend testing with both http and https allowed on the GIS Server before flipping the switch and requiring https only. That way if something happens somehow and SSL is broken you can still get into the admin API and make adjustments.