Hi guillermo,
If you making CRM available from the outside, I would definitely say a signed certificate is required. These days the minimum mandatory encryption level is normally enough. Bear in mind more encryption slower the authentication.
If you have available a wildcard certificate that will be enough, but you can also just request one for the domain tjb.pre.com.co.
Visit my blog for CRM material, improving performance, kerberos, IFD, development tips, etc. :) http://quantusdynamics.blogspot.com