PS C:\> Get-ChildItem -Path "Cert:\LocalMachine\My" | Select-Object -Property Thumbprint,DnsNameList,EnhancedKeyUsageList

Thumbprint                                  DnsNameList               EnhancedKeyUsageList
----------                                  -----------               --------------------
95B5F861C9495942C7D38FF570611F128F36CA75    {mars01.mueller.world}    {Server Authentication (1.3.6.1.5.5.7.3.1)}

PS C:\> New-Item -Path "WSMan:\localhost\Listener" -Transport "HTTPS" -Address "*" -CertificateThumbPrint "95B5F861C9495942C7D38FF570611F128F36CA75" -Force

WSManConfig: Microsoft.WSMan.Management\WSMan::localhost\Listener

Type            Keys                                Name
----            ----                                ----
Container       {Transport=HTTPS, Address=*}        Listener_1305953032

PS C:\> New-NetFirewallRule -DisplayName "Windows Remote Management (HTTPS-In)" -Profile Any -RemoteAddress 10.58.5.0/24 -Protocol TCP -LocalPort 5986 -Action Allow


Name                          : {41450671-c1dd-4569-9719-a32d5df7f814}
DisplayName                   : Windows Remote Management (HTTPS-In)
Description                   :
DisplayGroup                  :
Group                         :
Enabled                       : True
Profile                       : Any
Platform                      : {}
Direction                     : Inbound
Action                        : Allow
EdgeTraversalPolicy           : Block
LooseSourceMapping            : False
LocalOnlyMapping              : False
Owner                         :
PrimaryStatus                 : OK
Status                        : The rule was parsed successfully from the store. (65536)
EnforcementStatus             : NotApplicable
PolicyStoreSource             : PersistentStore
PolicyStoreSourceType         : Local
RemoteDynamicKeywordAddresses : {}
PolicyAppId                   :
PackageFamilyName             :