Hi @Menon,
Given that devices are working in HA, you'll only need one certificate for this. However, you do need to define FQDN for this, as public CA signed certificates usually don't support IPs inside. From this standpoint, there will be only one FQDN defined for your "outside" interface (active IP address).
Yes, basic SSL certificate is enough for this purpose.
Once you import the certificate onto the device, same certificate will be replicated on both devices, so when the failover event happens, same certificate will be displayed still.
If you buy a certificate from well known CA, then nothing is required from the client side (assuming they are using FQDN instead of IP today; if not, you'll need to ask them to connect to FQDN from now on, and to potentially reconfigure ASA accordingly).
Kind regards,
Milos