There was a time when either was fine. And it still is if you are only using DWA (DOORS Web Access). However, if DWA is used to integrate with other browser based applications, this becomes a critical point.
Modern browsers do not like mixed content. Which is to say, if an application configured on HTTPS wants to display content from one which delivers that content via HTTP, the browser will block the HTTP content. The user will see a blank dialog. It isn't always obvious to the user that anything has been blocked by the browser , and getting the browser to allow the mixed content can force page reloads.
All of the Jazz based applications are by default on HTTPS, including Rational Team Concert, Rational Quality Manager, DOORS Next Generation, Design Manager and Rational Engineering Lifecycle Manager. If you plan on an OSLC (Open Services for Lifecycle Collaboration) integration to any of these it is better to configure DWA on HTTPS. This is enabled by default from DWA 9.6 on-wards, though ideally in production you would replace the supplied self-signed certificate with a valid one, see Configuring Rational DOORS Web Access to use SSL or TLS
If you leave it with the self-signed certificates the browsers will ask users questions along the lines of "Are you really really sure you want to see this? It's not secure; The world might end and you'll be blamed if you proceed" etc.