Well for internal use a self-signed one is fine.
But if it's intended to be accessible from the web - I'd suggest getting a third party SSL. That way it will be trusted.
Consider getting a Let's Encrypt SSL - it's free.
I'll go with third party certificates because it offers authentication that allows them to avoid those irritating browser warnings. Free SSL is fine but if you consider a better liability protection, support and long validity period, you should get a paid SSL.