We have the certificate, which aws gives us the fingerprint of in the
console output.
I’ve manually copied in into place with the gui and have had it work fine.
I’m still having trouble getting the certificate from the “Remote
Desktop” store into the right place in an automated fashion without
the gui.
Any thoughts?
PS C:\> hostname
ip-0A71462E
PS C:\> dir "cert:\localmachine\Remote Desktop"
Directory: Microsoft.PowerShell.Security\Certificate::localmachine\Remote
Desktop
Thumbprint Subject
---------- -------
18315D1A11CA40F46A5EC777012986055095BB75 CN=ip-0A71462E
PS C:\> winrm quickconfig -transport:https
WinRM service is already running on this machine.
WSManFault
Message
ProviderFault
WSManFault
Message = Cannot create a WinRM listener on HTTPS
because this machine does not have an appropriate cert
ificate. To be used for SSL, a certificate must have a CN matching the
hostname, be appropriate for Server Authenticatio
n, and not be expired, revoked, or self-signed.
Error number: -2144108267 0x80338115
Cannot create a WinRM listener on HTTPS because this machine does not
have an appropriate certificate. To be used for SS
L, a certificate must have a CN matching the hostname, be appropriate
for Server Authentication, and not be expired, rev
oked, or self-signed.