I wanted to use TLS with non-self-signed certificates for RDP connections to my workstation at home and so I set out to make it happen. Since I don't have a domain with Active Directory (anymore...) the 'usual' methods found on the web don't quite apply. Here's a simple, step-by-step, guide on how to use StartSSL certificates to secure your RDP connection. This should also work fine with certificates from other CA's; step 2 and 3 (obtaining the .crt file) can/will be different but other than that you should be fine.