RDS broker certificate warning

I am establishing a multiserver RDS setup.

All users are domain users, but most clients are non-domain Windows and Macs, so I have a public 3rd party SAN certificate. It is not a .local domain.

The SAN certificate

Subject: desktop.mydomain.com

SAN:

rdsgateway.mydomain.com (gateway and web access server)

rdsbroker.mydomain.com (broker)

rds1.mydomain.com (desktop host)

rds2.mydomain.com (desktop host)

rds3.mydomain.com (desktop host)

I have attached the SAN certificate to all roles in the deployment properties, and they all have a level of Trusted and status OK.

Still, when i open the desktop collection rdp file in RDweb, i am prompted to accept the certificate for rdsbroker.mydomain.com. It is the correct certificate (desktop.mydomain.com) but it does not seem to accept the alternate name rdsbroker.mydomain.com.