I wanted to use TLS with non-self-signed certificates for RDP connections to my workstation at home and so I set out to make it happen. Since I don't have a domain with Active Directory (anymore...) the 'usual' methods found on the web don't quite apply. Here's a simple, step-by-step, guide on how to use StartSSL certificates to secure your RDP connection. This should also work fine with certificates from other CA's; step 2 and 3 (obtaining the .crt file) can/will be different but other than that you should be fine.
Inspired by Do you really want "bank grade" security in your SSL? Here’s how Aussie banks fare found on /r/programming I present to you the "Dutch edition". The author used Qualys SSL Labs' SSL test to determine how good banks' SSL implementations really are.