This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
juju-manual [2016/12/08 19:22] sgiulitti |
juju-manual [2016/12/08 21:52] (current) |
||
---|---|---|---|
Line 80: | Line 80: | ||
winrm quickconfig | winrm quickconfig | ||
# this will let us use the http listener with password auth | # this will let us use the http listener with password auth | ||
- | winrm set winrm/ | + | winrm set winrm/ |
+ | |||
+ | # make sure this settings are set like this. | ||
+ | winrm set winrm/ | ||
+ | winrm set winrm/ | ||
+ | winrm set winrm/ | ||
+ | winrm set winrm/ | ||
+ | winrm set winrm/ | ||
+ | winrm set winrm/ | ||
</ | </ | ||
Line 107: | Line 115: | ||
C: | C: | ||
Import-PfxCertificate -FilePath .\winrmcacert.pfx -CertStoreLocation Cert: | Import-PfxCertificate -FilePath .\winrmcacert.pfx -CertStoreLocation Cert: | ||
+ | ############################################################################################ | ||
+ | # THIS IS ONLY IF YOU WANT TO TEST THE CA VERIFICATION ON THE HOST WITH Enter-PSSession cmd | ||
Import-PfxCertificate -FilePath .\winrmcacert.pfx -CertStoreLocation Cert: | Import-PfxCertificate -FilePath .\winrmcacert.pfx -CertStoreLocation Cert: | ||
+ | ############################################################################################ | ||
+ | winrm set winrm/ | ||
+ | winrm set winrm/ | ||
winrm create winrm/ | winrm create winrm/ | ||
netsh advfirewall firewall add rule name=" | netsh advfirewall firewall add rule name=" | ||
Line 162: | Line 175: | ||
$username = " | $username = " | ||
$password = " | $password = " | ||
+ | $pfx_password = " | ||
$certThumb = " | $certThumb = " | ||
$CN = "CN OF THE CLIENT CERT" | $CN = "CN OF THE CLIENT CERT" | ||
$secure_password = ConvertTo-SecureString $password -AsPlainText -Force | $secure_password = ConvertTo-SecureString $password -AsPlainText -Force | ||
+ | $pfx_secure_password = ConvertTo-SecureString $pfx_password -AsPlainText -Force | ||
+ | |||
+ | Import-PfxCertificate -FilePath winrmclientcert.pfx -CertStoreLocation Cert: | ||
+ | Import-PfxCertificate -FilePath winrmclientcert.pfx -CertStoreLocation Cert: | ||
+ | |||
$cred = New-Object System.Management.Automation.PSCredential " | $cred = New-Object System.Management.Automation.PSCredential " | ||
Line 172: | Line 191: | ||
# Test client connection with client cert auth without skipping the CA | # Test client connection with client cert auth without skipping the CA | ||
- | |||
Test-WSMan -ComputerName $env: | Test-WSMan -ComputerName $env: | ||
+ | |||
+ | # test client connection with client cert auth and skip the CA verification and CN check | ||
+ | $opt = New-PSSessionOption –SkipCACheck –SkipCNCheck –SkipRevocationCheck | ||
+ | Enter-PSSession -ComputerName $env: | ||
+ | |||
# Remove Client mapping (in case you want to remove it) | # Remove Client mapping (in case you want to remove it) | ||
+ | # THIS WILL REMOVE ALL CLIENT CERTITIFACTES IN WSMAN | ||
Remove-Item -Path WSMan: | Remove-Item -Path WSMan: | ||
</ | </ |