Setting up WinRM
Example guide for setting up WinRM on target machines
Overview
Customers are responsible for the configuration of their servers and environments. For reference and testing, the below PowerShell script can be run on a target machine to enable WinRM with a self-signed certificate. We recommend creating a certificate with a public CA in your production environment.
Below is a breakdown of what this script performs to configure WinRM on a Windows machine:
Set the network connection profile to Private:
Configure and enable WinRM:
Allow non-SSL (unencrypted) traffic on port 5985:
Create a self-signed SSL certificate for encrypted traffic on port 5986:
Create Windows Firewall rules to allow inbound traffic on ports 5985 (non-SSL) and 5986 (SSL):
After running this script, WinRM will be configured to allow both unencrypted (port 5985) and encrypted (port 5986) remote connections. Additionally, Windows Firewall rules will be created to allow inbound traffic on these ports.
From a Windows server, you can test the connectivity to the target machine through PowerShell:
Last updated