This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== WinRM HTTPS Listener ====== ===== Identify Suitable Certificates ===== <code lang=powershell> PS C:\> Get-ChildItem -Path "Cert:\LocalMachine\My" | Select-Object -Property Thumbprint,DnsNameList,EnhancedKeyUsageList Thumbprint DnsNameList EnhancedKeyUsageList ---------- ----------- -------------------- 95B5F861C9495942C7D38FF570611F128F36CA75 {mars01.mueller.world} {Server Authentication (1.3.6.1.5.5.7.3.1)} </code> ===== Create Listener ===== <code lang=powershell> PS C:\> New-Item -Path "WSMan:\localhost\Listener" -Transport "HTTPS" -Address "*" -CertificateThumbPrint "95B5F861C9495942C7D38FF570611F128F36CA75" -Force WSManConfig: Microsoft.WSMan.Management\WSMan::localhost\Listener Type Keys Name ---- ---- ---- Container {Transport=HTTPS, Address=*} Listener_1305953032 </code> ===== Windows Firewall ===== <code powershell> PS C:\> New-NetFirewallRule -DisplayName "Windows Remote Management (HTTPS-In)" -Profile Any -RemoteAddress 10.80.0.0/24 -Protocol TCP -LocalPort 5986 -Action Allow Name : {41450671-c1dd-4569-9719-a32d5df7f814} DisplayName : Windows Remote Management (HTTPS-In) Description : ... </code>