Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
tutorial:adm:configuration_-_winrm [2024/01/30 06:45]
erbenr 		tutorial:adm:configuration_-_winrm [2024/02/05 05:29] (current)
erbenr
Line 309: Line 309:
  
 The tested way to generate self signed certificate on linux via tutorial which can be found [[https://medium.com/@tbusser/creating-a-browser-trusted-self-signed-ssl-certificate-2709ce43fd15|here]] you should follow whole process except the part with finals steps because for our purpose we don't need to import it to browsers. The tested way to generate self signed certificate on linux via tutorial which can be found [[https://medium.com/@tbusser/creating-a-browser-trusted-self-signed-ssl-certificate-2709ce43fd15|here]] you should follow whole process except the part with finals steps because for our purpose we don't need to import it to browsers.
-Create and export self signed certificate with powershell: 
  
 Now we have certificate which is imported in our windows server and now we can configure the HTTP listener Now we have certificate which is imported in our windows server and now we can configure the HTTP listener
 +
 +Create and export self signed certificate with powershell:
 <code powershell> <code powershell>
 $pathToCertificate="C:\Users\Administrator.ZOO\Desktop\certificate"  ## Specify your preferred location for export $pathToCertificate="C:\Users\Administrator.ZOO\Desktop\certificate"  ## Specify your preferred location for export
-$hostname='bear.zoo.bcv' #hostname your machine+$hostname='ad.idstory.idm' #hostname your machine
 $params = @{ $params = @{
     Subject = "CN=winrm.$hostname"     Subject = "CN=winrm.$hostname"
-    DnsName = 'bear.zoo.bcv'+    DnsName = 'ad.idstory.idm'
     CertStoreLocation = 'Cert:\LocalMachine\My' #Certificate for WinRM, must be in stored in Local Computers     CertStoreLocation = 'Cert:\LocalMachine\My' #Certificate for WinRM, must be in stored in Local Computers
     KeyExportPolicy ='Exportable'      KeyExportPolicy ='Exportable' 
Line 326: Line 327:
 } }
  
-#$cert = New-SelfSignedCertificate -Subject "CN=bear.zoo.bcv" -CertStoreLocation "Cert:\CurrentUser\My" -KeyExportPolicy Exportable -KeySpec Signature -KeyLength 2048 -KeyAlgorithm RSA -HashAlgorithm SHA256    ## Replace {certificateName} 
 $cert = New-SelfSignedCertificate @params $cert = New-SelfSignedCertificate @params
 Export-Certificate -Cert $cert -FilePath "$pathToCertificate\$hostname.cer"  Export-Certificate -Cert $cert -FilePath "$pathToCertificate\$hostname.cer" 
Line 345: Line 345:
 </code> </code>
  
-Restart WinRM+Create firewall rule for WinRM HTTPS: 
 +<code powershell> 
 +New-NetFirewallRule -Displayname 'WinRM - Powershell remoting HTTPS-In' -Name 'WinRM - Powershell remoting HTTPS-In' -Profile Any -LocalPort 5986 -Protocol TCP 
 +</code>
  
 +Restart WinRM
 <code powershell> <code powershell>
 Restart-Service winrm Restart-Service winrm
- 
 </code> </code>
  
Line 355: Line 358:
  
  
 +===== Powershell 7 support =====
 +
 +Install powershell 7: https://learn.microsoft.com/en-us/powershell/scripting/install/installing-powershell-on-windows?view=powershell-7.4#installing-the-msi-package
 +
 +Run app ''C:\Program Files\PowerShell\7\pwsh.exe'' and execute
 +<code powershell>
 +Enable-PSRemoting 
 +</code>
  
  
  • by erbenr