FireStart needs a valid SSL certificate for communication between the FireStart Server and the Process Portal as well as between the FireStart Server and the FireStart Client.
If you do not provide one, the configuration wizard will give you the option to create a self-signed certificate. This process will be started automatically when the configuration wizard is closed, and the field SSL Certificate Thumbprint is blank.
When you click Yes, the wizard asks for a password to secure the certificate with.
After the certificate has been created it is automatically registered as FireStart SSL certificate. The public and private key are placed into the install directory.
To enable users to use the Process Portal without security warnings, the client computer has to trust the certificate. Furthermore (and maybe more important): without a valid certificate (from a trusted authority or by adding a self-signed certificate to the trusted authorities), the RemoteEventReceiver will not receive notifications from SharePoint. More information on adding certificates to the Trusted Root Certification Authorities store for a local computer can be found here.