The client SSL profile should contain the backend server certificate and key, so as to have the LTM behave as if it is the server (unknown to the client). In most cases, the default SSL server profile can be used.
When you had only the SSL client profile applied, you were essentially offloading the SSL at the LTM. Communications between the client and LTM were SSL encrypted, but the LTM was sending traffic to the backend server without SSL.
When you had only the SSL server profile applied, the LTM was not accepting SSL connections from the client, but would talk SSL to the backend server.
By applying both the client and SSL server profiles, you essentially created SSL from end to end. The exception being your LTM terminated the SSL, proxied the session, and then re-encrypted it to the backend server.
Proxy SSL is a configuration used to preserve any type of client certificate presentation for authentication to the backend server. If you don't need any client certificate based authentication, then you won't need to use this feature.