Hello,
I have succesfully setting up a WINRM listener as HTTPS transport. But, when I want to create a new PS Session to the machine the following error occured:The SSL certificate contains a common name (CN) that does not match the hostname.
This is the statement" $s = New-PSSession 10.12.25.1 -Port 5000 -Credential phb\adm_william -UseSSL
Host 10.12.25.1 is a firewall/router and port 5000 will be forward to 192.168.128.130:5986
The hostname of 192.168.128.130 is cb-app.phb and the cn of the certificate is cb-app.phb.
I have just imported the certificate on the client computer but I got the same error.
Do you have any idea of a sulution?
Regards,
William
You'd never import the certificate onto the client.
SSL certificate configuration isn't something I have to do a lot, but what the error means is that you're accessing host 10.12.25.1 but it isn't presenting a certificate with 10.12.25.1 as the host name. When you use SSL, the name you provide to New-PSSession must match the name in the SSL certificate. That's how PowerShell ensures you're hitting the correct machine.
As-is, you're asking for 10.12.25.1, but you're getting "cb-app.phb," so PowerShell thinks you're getting the wrong machine based on the SSL cert.
Before you create a new PS session, create a PS session option object using New-PSSessionOption cmdlet and its SkipCNCheck parameter:
$so = New-PSSessionOption -SkipCNCheck
And then, add it to your New-PSSession command:
$s = New-PSSession 10.12.25.1 -Port 5000 -Credential phb\adm_william -UseSSL -SessionOption $so