Configure your Windows Remote Desktop (RDP) to use TLS with a StartSSL certificate

I wanted to use TLS with non-self-signed certificates for RDP connections to my workstation at home and so I set out to make it happen. Since I don't have a domain with Active Directory (anymore...) the 'usual' methods found on the web don't quite apply. Here's a simple, step-by-step, guide on how to use StartSSL certificates to secure your RDP connection. This should also work fine with certificates from other CA's; step 2 and 3 (obtaining the .crt file)  can/will be different but other than that you should be fine.

Do you really want "bank grade" security in your SSL? Dutch edition

Inspired by Do you really want "bank grade" security in your SSL? Here’s how Aussie banks fare found on /r/programming I present to you the "Dutch edition". The author used Qualys SSL Labs' SSL test to determine how good banks' SSL implementations really are.