Would love to see this as an option. Biggest issue for me is AD servers using non-wildcard certs, and our need to connect to a subdomain with round robin dns to any of our AD servers. Having creds sent in plain text is not very good. Its not great that we have Cert errors but we're limited in our ability to fix that.