If the client makes a request to the VIP address over HTTPS with a host header value that doesn't match the cert's CN, they'll get the browser prompt to accept the mismatched cert. There isn't anything you can do to eliminate that.
You can try to eliminate the scnearios whereby a user would make a request to the VIP via HTTPS with the wrong Host header value though.
If the client is first making a request via HTTP to the VIP address, you could redirect them to the correct host via HTTPS (https://remedy.xxx.net). They wouldn't get the cert warning then.
Aaron