Not really, but it’s easy to get lost in all the security things if you are not used to them or if the technical bits are a bit fuzzy. So: yes and no.
Basically the certificate’s job is only to address the problem of authenticity, which is "Alice and Bob want to talk to each other through the internet. But they know Eve is malicious and might be intercepting messages and altering them so that Alice thinks she is talking to Bob, but Eve is actually intercepting messages and messages." That’s a man-in-the-middle attack, yes. But to solve this, Alice and Bob use certificates. At some point, Bob sends his certificate to Alice, such that only messages encrypted and signed with this certificate should be recognized as ‘Bob’s messages’. Hence Eve can’t impersonate Bob because she doesn’t know the private key (only Bob does).
But on the internet, it’s a tricky matter. You (Alice) want to talk to thousands of different Bobs (your bank, your husband, your favorite cat website, and the YunoHost forum). You can’t meet them in person to get their certificates and be sure that those are indeed their certificates (and not Eve sending you a certificate to then impersonate Bob!)… So how do you solve this? Well, first your browsers come packaged with a handful of “trusted certificates” from “big, trustable companies” a.k.a. certificate authorities. Among those are, for instance, Google, Microsoft, and (doing a shortcut) Let’s Encrypt.
When you visit Bob’s website, he’ll show you his certificate. And his certificate is actually signed by one of those CAs (Certificate Authorities). And because you trust those CAs, you trust that they checked that it’s indeed “the real Bob” who is behind this certificate. Hence, you trust the certificate you get. Eve wouldn’t be able to impersonate Bob, because that would mean a CA didn’t do its job of checking the person behind the certificate… (Spoiler: this actually happened several times in real life, with dramatic consequences.)
So what are self-signed certificates? Those are certificates signed by your own server… hence they don’t come with any clue from Microsoft or Google or Let’s Encrypt saying that the certificate is from who it claims to be from… For instance, you could forge a certificate for google.com. But nobody would trust that certificate, except maybe you because you know what you did…
But in a context where you are the only user of your server, it’s quite fine to just accept a self-signed certificate for your.domain.tld, because you know where this certificate comes from. And once you have accepted it, it should be okay. Eve won’t be able to man-in-the-middle, because if she did, she would have to use a different certificate crafted and validated by a CA. But she can’t do that (except if the CA is evil, again).