Chapter 3 Authentication for FortiOS 5.0 : Certificate-based authentication : Certificates overview : Certificate signing
  
Certificate signing
The trust in a certificate comes from the authority that signs it. For example if VeriSign signs your CA root certificate, it is trusted by everyone. While these certificates are universally accepted, it is cumbersome and expensive to have all certificates on a corporate network signed with this level of trust.
With self-signed certificates nobody, except the other end of your communication, knows who you are and therefore they do not trust you as an authority. However this level is useful for encryption between two points — neither point may care about who signed the certificate, just that it allows both points to communicate. This is very useful for internal networks and communications.
A general rule is that CA signed certificates are accepted and sometimes required, but it is easier to self-sign certificates when you are able.
For more on the methods of certificate signing see “Generating a certificate signing request”.