Steps:
1. Use a trusted Cert for https on rds.company.com
2. Use SSL URL for everything, not actual host name.
http://morgansimonsen.wordpress.com/2011/03/21/sha1-thumbprints-for-trusted-rdp-publishers/
create .wcx file for user config on win7:
<?xml version="1.0" encoding="utf-8" standalone=