A certificate is a non-transferable digital file that contains certain identifying information. Specifically a certificate contains the issuers identity, the receivers identity, and the public key. The certificate is issued from a third-party whom both parties trust. This third party is known as a Certificate Authority (CA).
A Certificate Authority (CA) can be internal--you create certificates within your organization, or external-- a third party can issue a certificate for you.
Both servers and clients can have certificates. When a server sends a certificate to a client, the process is called server authentication. When a client sends a certificate to a server the process is called client authentication. If you plan on using encryption and SSL on your server, you must obtain a server certificate from a valid CA.