I would expect your situation to work under the following circumstances for the certificate that you want to install on both ClearPass and controller:
- The hostname used for the redirection (in the IP Address field in your screenshot) is the Common name (CN) for your certificate. So that is the 'main' name for your certificate.
- The ClearPass HTTPS certificate uses a different name (SAN) that is as well in the certificate. ClearPass cannot use the CN as there will be a name collision: your client cannot address both ClearPass and the controller login page on the same name.
About recommendation for the RADIUS certificate, which can be installed separately through the drop-down in the ClearPass Server Certificate screen, it really depends on your requirements. The separate certificate is there for quite some years now, I extimate it was already in 6.0. Roughly, if you have only internal clients and controlled clients that need to authenticate via 802.1X/RADIUS, and have an internal PKI setup you are likely better off with a private CA certificate. If you have a lot of external clients, like in eduroam or BYOD or if you don't have a PKI, a public certificate is more likely to be your best match. Please check the ClearPass Certificates 101 Technote for some additional guidance.