The Certificate Management page shows the following warning:

"Non-selfsigned certificate detected in Trusted Root Certificate Authorities certificate store. There can be problems with CEM Agent connections to NS"

ITMS 8.x

The Trusted Root Certification Authorities store on the Notification Server has one or more certificates where "Issued By" and "Issued To" don't match. This indicates that the certificate was issued by a certificate authority other than itself.

1. Open MMC on the Notification Server
2. Click File > Add/Remove Snap-in
3. In the Available snap-ins pane, select Certificates and click "Add >"
4. A Certificates snap-in window should appear. Select "Computer account" and click Next, then click Finish on the next window
5. Before making any changes to Certificate stores, ensure you have a backup of the store or server in case any issues arise after making changes.
6. Expand Certificates (Local Computer) on the left pane of MMC
7. Expand Trusted Root Certification Authorities, click on the Certificates folder
8. Check all the certificates in the list. Any certs showing a different 'Issued To' compared to 'Issued By' are non-self-signed certs and should be moved to the appropriate certificate store

For additional information and reference see the following Microsoft article:  Non-self-signed certificates are in Trusted Root Certification Authorities Certificate store