1. Enable Remote Management
    • Enable remoting on server from your client. Changes "client name" to your client machine name
      • Enable-PSRemoting -Force
      • winrm s winrm/config/client '@{TrustedHosts="client name"}'
    • winrm quickconfig
    • Setup SSL
      • $certificate = New-SelfSignedCertificate -CertstoreLocation Cert:\LocalMachine\My -DnsName ([System.Environment]::MachineName)
      • Export-Certificate -Cert $certificate -FilePath "$([System.Environment]::GetFolderPath([System.Environment+SpecialFolder]::DesktopDirectory))\$([System.Environment]::MachineName).cer"
    • Show Listeners
      • Get-ChildItem wsman:\localhost\listener
      • winrm enumerate winrm/config/listener
    • Remove old HTTP listeners
      • Get-ChildItem WSMan:\Localhost\listener | Where -Property Keys -eq "Transport=HTTP" | Remove-Item -Recurse
    • Add new HTTPS listeners
      • New-Item -Path WSMan:\LocalHost\Listener -Transport HTTPS -Address * -CertificateThumbPrint $certificate.Thumbprint –Force
    • Import Certificate on client machine, just change [server name] to the server name
      • Import-Certificate -CertStoreLocation 'Cert:\LocalMachine\Root' -FilePath "$([System.Environment]::GetFolderPath([System.Environment+SpecialFolder]::DesktopDirectory))[server name].cer"
    • Validate Settings
      • winrm g winrm/config
      • Get-Service winrm
    • Enable Firewall Entry
      • New-NetFirewallRule -DisplayName 'Windows Remote Management (https)' -Profile @('Domain', 'Private') -Direction Inbound -Action Allow -Protocol TCP -LocalPort @('5986')
  2. Test Connection
    • Test-WSMan -Computername "server name" -UseSSL