You should use a server certificate, also known as a leaf certificate, that is: Issued by a CA (internal or public), Signed with the private key of the CA (root or intermediate),Has proper Key Usage and Extended Key Usage fields for server authentication and Valid for your hostname (CN/SAN)
On the left menu select the certificate with the mention “Root certificate”