By default, the password synchronization traffic between the Password Capture Agent and the web service is secured by transport layer security only. Therefore, it is strongly recommended that you specify a custom certificate.
IMPORTANT: You need a certificate file including the private key to encrypt password synchronization traffic.