Unless you have a good reason not to do so, the services you run on your server should be encrypted. For the last few years, and probably the next few, that means you need a security certificate, commonly called an SSL cert, even though we just stopped using SSL in favor of TLS, which is exactly the same but slightly more advanced.
(You don’t run a server? OK, the services that you access should be encrypted. It’s the moral equivalent of sending letters in sealed envelopes instead of postcards: you do it even when it doesn’t matter much, because that way you don’t accidentally forget and send a hundred dollars to your friend by taping it to a postcard. The rest of this post is for people running servers – mostly, people who run one or two servers as a hobby or small business. I expect the professionals to already know all this.)
(But some don’t.)