This is one of the network requirements for a successful STEP setup. The full list is defined in the Network Requirements topic here.
When configuring a STEP solution to use SSL encryption (typically done for external supplier access), it is important to only use certificates from a trusted CA authority, such as Verisign or Thawte.
Self-signed certificates are not supported by the STEP solution.
It is the responsibility of the customer / hosting partner to provide the required SSL certificates.