3.0 KiB
Configure WinRM to Use HTTPS
Dienstag, 9. Januar 2018
12:48
You can configure the WinRM host to enable communication with the PowerShell plug-in through the HTTPS protocol.
The WinRM host requires a certificate so that it can communicate through the HTTPS protocol. You can either obtain a certificate or generate one. For example, you can generate a self-signed certificate by using the Certificate Creation tool (makecert.exe) that is part of the .NET Framework SDK.
Prerequisites
Verify that you can access the Microsoft Management Console (mmc.exe) on the WinRM host.
Procedure
| 1 | Generate a self-signed certificate. The following command line contains example syntax for creating a certificate on the WinRM host by using makecert.exe. makecert.exe -r -pe -n "CN=host_name-3,O=organization_name" -e mm/dd/yyyy -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localMachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 certificate_name.cer |
||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2 | Add the generated certificate by using the Microsoft Management Console.
|
||||||||||||
| 3 | Create an HTTPS listener by using the correct thumbprint and host name. The following command line contains example syntax for creating an HTTPS listener. winrm create winrm/config/Listener?Address=*+Transport=HTTPS @{Hostname="host_name";CertificateThumbprint="certificate_thumbprint"} |
||||||||||||
| 4 | Test the connection. The following command line contains example syntax for testing the connection. winrs -r:https://host_name:port_number -u:user_name -p:password hostname"} |