
HOW TO REMOTE POWERSHELL OVER HTTPS WITH OO USING A SELF-SIGNED CERTIFICATE

NB: in this example, Cthulhu is the name of my server. Replace it with the proper FQDN hostname of the target server.

Generate a self-signed certificate for the target server using OpenSSL (on whichever machine you like):

C:\Users\alcabas>openssl req -x509 -days 3650 -newkey rsa:2048 -keyout privatekey.key -out certificate.crt
Loading 'screen' into random state - done
Generating a 2048 bit RSA private key
...............+++
writing new private key to 'privatekey.key'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:FR
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:opsware
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:CTHULHU
Email Address []:

Convert the certificate to PKCS12 to make it easier to import into Windows:

C:\Users\alcabas>openssl pkcs12 -export -out server.pfx -inkey privatekey.key -in certificate.crt
Loading 'screen' into random state - done
Enter pass phrase for privatekey.key:
Enter Export Password:
Verifying - Enter Export Password:

On the target server, configure WinRM (if you run into problems, try temporarily enabling the Windows Firewall service):

C:\Users\user>winrm quickconfig
WinRM service is already running on this machine.
WinRM is not set up to allow remote access to this machine for management.
The following changes must be made:

Configure LocalAccountTokenFilterPolicy to grant administrative rights remotely to local users.

Make these changes [y/n]? y

WinRM has been updated for remote management.

Configured LocalAccountTokenFilterPolicy to grant administrative rights remotely to local users.

Delete the HTTP listener that was created automatically:

C:\Users\user>winrm delete winrm/config/listener?Address=*+Transport=HTTP

Import the certificate on the target server into the LocalMachine certificate store. To do so: in mmc, add the Certificates snap-in for the Local Computer.

Then edit the certificate's properties to select only Server Authentication as its purpose.

Print the certificate thumbprint (we could have got it from the certificate manager above, but there it is filled with white space, and I'm lazy):

C:\Users\user>powershell dir cert:Localmachine/My

    Directory: Microsoft.PowerShell.Security\Certificate::Localmachine\My

Thumbprint                                Subject
----------                                -------
298C4479EFC8A928338335B7B80BE502CE1CCC24  CN=CTHULHU, O=opsware, S=Some-State, C=FR

Create the WinRM HTTPS listener, using the thumbprint:

C:\Users\user>winrm create winrm/config/listener?Address=*+Transport=HTTPS @{CertificateThumbprint="298C4479EFC8A928338335B7B80BE502CE1CCC24"}
ResourceCreated
    Address = http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
    ReferenceParameters
        ResourceURI = http://schemas.microsoft.com/wbem/wsman/1/config/listener
        SelectorSet
            Selector: Address = *, Transport = HTTPS

Let's first try a direct PowerShell session from the client computer:

C:\Users\alcabas>Powershell
Windows PowerShell
Copyright (C) 2009 Microsoft Corporation. All rights reserved.

PS C:\Users\alcabas> $so = New-PsSessionOption -SkipCACheck
PS C:\Users\alcabas> etsn -cn cthulhu -Credential cthulhu\user -UseSSL -SessionOption $so
[cthulhu]: PS C:\Users\user\Documents> hostname
CTHULHU
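
The session option above uses -SkipCACheck, which turns off the check that the server certificate chains to a trusted issuer. As an added example (not part of the original document), the client can instead trust this one self-signed certificate and connect with full validation. Assumptions: certificate.crt (the public certificate only, not privatekey.key or server.pfx) has been copied to the client at the path shown, and the script runs from an elevated PowerShell prompt.

```powershell
# Added example: pin and trust the self-signed certificate on the client,
# then connect over HTTPS without -SkipCACheck.
$certPath = 'C:\Users\alcabas\certificate.crt'           # assumed location on the client
$expected = '298C4479EFC8A928338335B7B80BE502CE1CCC24'   # thumbprint printed on the server
$server   = 'cthulhu'                                    # must match the certificate CN

# Load the public certificate produced by "openssl req".
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $certPath

# 1. Only trust the exact certificate the HTTPS listener was created with.
if ($cert.Thumbprint -ne $expected) {
    throw "Thumbprint mismatch: file has $($cert.Thumbprint), expected $expected"
}

# 2. The CN check stays active (no -SkipCNCheck), so the name used to connect
#    must equal the certificate subject name. Comparison is case-insensitive.
$cn = $cert.GetNameInfo('SimpleName', $false)
if ($cn -ne $server) {
    throw "Certificate CN '$cn' does not match target name '$server'"
}

# 3. Add the certificate to the machine's Trusted Root store. The .NET store
#    API is used so this also works on PowerShell 2.0.
$store = New-Object System.Security.Cryptography.X509Certificates.X509Store 'Root', 'LocalMachine'
$store.Open('ReadWrite')
try {
    $store.Add($cert)
} finally {
    $store.Close()
}

# 4. Connect with certificate validation left on and run the same test command.
$session = New-PSSession -ComputerName $server -Credential "$server\user" -UseSSL
try {
    Invoke-Command -Session $session -ScriptBlock { hostname }
} finally {
    Remove-PSSession $session
}
```
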

Let's test via HPOO with the PowerShell Script operation.

Here you can see the returned result!
