Powershell Remoting over HTTPS

Further Reading: I wrote a follow up article called Powershell Remoting where I look at what happens when the certificate renews or gets deleted. The outcome is not what you’d think!

If you are going to use the View PowerCLI Cmdlets then enabling and using Powershell Remoting makes it a whole lot more accessible, otherwise you have to remote onto a Connection Server and run the cmdlets from there. Below I have some notes on getting WinRM setup to use HTTPS.

Once you have a Server Authentication certificate available on the machine you can run the following to obtain its thumbprint

We’ll assign the certificate to a variable

(Note that the CN of the certificate must match the FQDN)

Assign the FQDN to a variable

Run the following command to enable the WinRM listener using HTTPS

You should now find that WinRM is enabled to work over HTTPS. You can check the listener by running the following

When using Invoke-Command, Invoke-Expression etc, don’t forget to use the -UseSSL switch and specify the FQDN of the remote computer.

This was tested in an enterprise environment with an internal Certificate Authority

Read the next article about remoting

Leave a Reply

Your email address will not be published. Required fields are marked *