Yes you will need a (SAN )cert to cover RDSFARM ,RDSHOST01 ,RDSHOST02, RDSHOST03 A wildcard cert will do just as well (I think) Even then when you have deployed the certificates
[image: Inline image 3] You may need to use powershell to make sure the servers are using the right cert http://ryanmangansitblog.com/2014/06/17/deploying-rds-2012-wild-card-certificate-using-powershell/ http://serverfault.com/questions/444286/configure-custom-ssl-certificate-for-rdp-on-windows-server-2012-in-remote-admini >>
