In some cases (DNS changes, expired certificate, etc.) you have to renew a certificate on your RD Webservers. I hat to do this today on a environment wit two RD Web Servers load balanced by a F5 Loadbalancer. But just replacing the web certificate on the RD Connection broker was not enough.
For some reason the cert was not valid after the replacement.
- Delete all the old certificates in the personal store of the RD Webservers
- Reboot the Webservers
- Request a new certificate by using certlm.msc of one of the RD Webservers
- Export the .pfx file for the Connection Broker
- Redeploy the certificate using the Server Manger / Remote Desktop Services / Deployment Overview / Tasks / Edit Deployment Settings
This should allow you to access the RD Websites without having any certificates warnings.