This post is somewhat late, but I decided to upload it for informative purposes.
In early this year I set up my own CA for securing connections between devices that I use.
One of the things I cared about is the Windows Remote Desktop where I did not like the program spitting out warnings about default, non-secure self-signed certificate.
So I thought about using my own certificates for them.
First I created an importable .pfx file with the private key and the certificate.
With the certificate saved on the target machine, do the following:
Open the mmc console and add a certificate snap-in for local computer account.
Go to Personal key storage and import the key file(It is NOT Remote Desktop storage despite its name).
Open Remote Desktop Session Host Configuration.
Right click your desired RDP connection (RDP-tcp for my case) and go to properties.
Press ‘Select’ button in the certificates section to locate your certificate.
Then click Apply and disconnect from the RDP session. Further sessions will be secured using the certificate you specified.