Secure Sockets Layer (SSL) is enabled and required, by default causing all data sent between the Calendar server and the client to be encrypted.
If you didn’t import or create an SSL certificate, the server uses the default self-signed certificate. If you use the default self-signed certificate, clients must choose to trust the certificate before they can make a secure connection.
Using a signed certificate relieves users from the uncertainty and tedium of manually accepting your certificate when connecting. It also prevents man-in-the-middle-spoofing attacks.
For instructions, see Use an SSL certificate.