Difference between revisions of "Winrm enable https 5986"
Jump to navigation
Jump to search
| (4 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| + | # Steps | ||
| + | |||
| + | ## Copy Cert | ||
| + | copy cert called myhost.example.com and import pkcs12 pfx on host | ||
| + | |||
| + | |||
| + | ## enable winrm https port 5986 | ||
``` | ``` | ||
| + | $HN="myhost.example.com"; | ||
winrm delete winrm/config/Listener?Address=*+Transport=HTTPS | winrm delete winrm/config/Listener?Address=*+Transport=HTTPS | ||
| − | |||
$TP=(Get-ChildItem -Path Cert:LocalMachine\MY | where Subject -like "CN=${HN}*").Thumbprint | $TP=(Get-ChildItem -Path Cert:LocalMachine\MY | where Subject -like "CN=${HN}*").Thumbprint | ||
winrm create winrm/config/Listener?Address=*+Transport=HTTPS "@{Hostname=`"${HN}`"; CertificateThumbprint=`"$TP`"}" | winrm create winrm/config/Listener?Address=*+Transport=HTTPS "@{Hostname=`"${HN}`"; CertificateThumbprint=`"$TP`"}" | ||
| Line 7: | Line 14: | ||
``` | ``` | ||
| − | + | ## Connect | |
| + | ``` | ||
| + | enter-pssession -usessl myhost.example.com | ||
``` | ``` | ||
| − | + | ||
| − | + | # Another Way | |
| + | ``` | ||
| + | Set-WSManInstance -ResourceURI winrm/config/Listener -SelectorSet @{Address="*"; Transport="HTTPS"} -ValueSet @{CertificateThumbprint='xxxxx';Hostname='myhost.example.com'} | ||
``` | ``` | ||
| − | + | # More | |
| + | |||
| + | Notes of stuff that seems to not work | ||
``` | ``` | ||
| − | + | winrm quickconfig -transport:https -force | |
| + | New-NetFirewallRule -DisplayName "ALLOW WinRM HTTPS 5986" -Direction inbound -Profile Any -Action Allow -LocalPort 5986 -Protocol TCP | ||
``` | ``` | ||
Latest revision as of 18:26, 17 January 2024
Steps
Copy Cert
copy cert called myhost.example.com and import pkcs12 pfx on host
enable winrm https port 5986
$HN="myhost.example.com";
winrm delete winrm/config/Listener?Address=*+Transport=HTTPS
$TP=(Get-ChildItem -Path Cert:LocalMachine\MY | where Subject -like "CN=${HN}*").Thumbprint
winrm create winrm/config/Listener?Address=*+Transport=HTTPS "@{Hostname=`"${HN}`"; CertificateThumbprint=`"$TP`"}"
New-NetFirewallRule -DisplayName "ALLOW WinRM HTTPS 5986" -Direction inbound -Profile Any -Action Allow -LocalPort 5986 -Protocol TCP
Connect
enter-pssession -usessl myhost.example.com
Another Way
Set-WSManInstance -ResourceURI winrm/config/Listener -SelectorSet @{Address="*"; Transport="HTTPS"} -ValueSet @{CertificateThumbprint='xxxxx';Hostname='myhost.example.com'}
More
Notes of stuff that seems to not work
winrm quickconfig -transport:https -force New-NetFirewallRule -DisplayName "ALLOW WinRM HTTPS 5986" -Direction inbound -Profile Any -Action Allow -LocalPort 5986 -Protocol TCP