I am trying to figure out how to configure the RDP service to use my LE certificate for incoming RDP sessions to get rid of the annoying warning about the default certificate not being verified. What I have found involves AD connected machines, and this is a standalone IIS server. I know there is not a lot of information here, and not sure what you need, so feel free to ask for any details you need.
BTW I am using Certify the Web application to automate the certificate renewals.
I have searched but did not find what I was looking for, so if it does already exist and I just missed it, please provide me with the link, and accept my apologies for the duplicate posting.
I will give you a sample of a method that can work.
But it is up to you to get all the pieces of the puzzle to automate it with LE.
It is from work I did to prove you can use a SHA256 bit RDP cert (some systems still defaulted to SHA1) in March of 2017. But it lays the groundwork for what you're trying to do.
Simple 256 bit RDP cert (expires 8/3/2044) install
Install RDP256.PFX (password=256) into computer default location.
Run this command as admin:
wmic /namespace:\\root\cimv2\TerminalServices PATH Win32_TSGeneralSetting Set SSLCertificateSHA1Hash="cb7eb3d0e0da1f8c3fa282bf096a00331276c679"
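
A PowerShell version of the same binding step, as an added example that is not part of the original reply: it picks the newest valid certificate for a host name from the LocalMachine\My store and sets it on the RDP-Tcp listener through the same Win32_TSGeneralSetting class. The host name `rdp.example.com` and the exact-name match (no wildcard handling) are assumptions.

```powershell
# Added example, not from the original thread.
# Binds the newest valid certificate for $HostName to the RDP listener.
param(
    # Placeholder name (assumption): use the name RDP clients connect to.
    [string]$HostName = 'rdp.example.com'
)

$now           = Get-Date
$serverAuthOid = '1.3.6.1.5.5.7.3.1'   # Server Authentication EKU

# Candidate must have a private key, be inside its validity window,
# list the host name as a DNS name, and allow server authentication.
$cert = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object {
        $_.HasPrivateKey -and
        $_.NotBefore -le $now -and $_.NotAfter -gt $now -and
        ($_.DnsNameList.Unicode -contains $HostName) -and
        ($_.EnhancedKeyUsageList.ObjectId -contains $serverAuthOid)
    } |
    Sort-Object NotAfter -Descending |
    Select-Object -First 1

if (-not $cert) {
    throw "No usable certificate for $HostName in Cert:\LocalMachine\My"
}

$cimArgs = @{
    Namespace = 'root\cimv2\TerminalServices'
    ClassName = 'Win32_TSGeneralSetting'
    Filter    = "TerminalName='RDP-Tcp'"
}
$listener = Get-CimInstance @cimArgs

# Only write when the bound thumbprint actually changes (e.g. after a renewal).
if ($listener.SSLCertificateSHA1Hash -ne $cert.Thumbprint) {
    Set-CimInstance -InputObject $listener `
        -Property @{ SSLCertificateSHA1Hash = $cert.Thumbprint }
}

# Read the setting back so a failed bind is visible in the task output.
$bound = (Get-CimInstance @cimArgs).SSLCertificateSHA1Hash
if ($bound -ne $cert.Thumbprint) {
    throw "RDP listener still reports thumbprint $bound"
}
"RDP-Tcp now uses $($cert.Thumbprint), valid until $($cert.NotAfter)"
```

Run it from an elevated session after each renewal, since a renewed certificate has a new thumbprint and the listener keeps pointing at the old one until it is rebound.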