Suggestion to use enrypted winrm

[diseq]

just a suggestion, as we use ssh it might be nice to use encrypted winrm. i use following script in my boxes. maybe thats something to integrate: (the only thing woul be to recreate certificate on vagrant up (in tpl file)

& "$PSScriptRoot\makecert" -sk "$env:COMPUTERNAME" -ss My -sr localMachine -r -n "CN=$env:COMPUTERNAME" -a sha1 -eku "1.3.6.1.5.5.7.3.1"
$thumbprint = ((Get-ChildItem -Path cert:\LocalMachine\My | Where-Object {$_.Subject -eq "CN=$env:COMPUTERNAME"}) | Select-Object -first 1).Thumbprint
winrm create winrm/config/listener?Address=*+Transport=HTTPS "@`{Hostname=`"$env:COMPUTERNAME`";CertificateThumbprint=`"$thumbprint`";Port=`"5986`"`}"

net stop winrm
net start winrm

netsh advfirewall firewall add rule name="Windows Remote Management (HTTPS-In)" dir=in action=allow protocol=TCP localport=5986

btw. thanks for the great work!

[diseq]

by trying the winrm version with vmware provider i receive follwing error: (seems to connect no nonssl winrm with ssl winrm)

 INFO winrmshell: Attempting to connect to WinRM (patched)...
 INFO winrmshell:   - Host: 192.168.240.134
 INFO winrmshell:   - Port: 5985
 INFO winrmshell:   - Username: vagrant
 INFO winrm: WinRM not up: #<VagrantPlugins::CommunicatorWinRM::Errors::ExecutionError: An error occurred executing a remote WinRM command.

Shell: powershell
Command: hostname
if ($?) { exit 0 } else { if($LASTEXITCODE) { exit $LASTEXITCODE } else { exit 1 } }
Message: SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown protocol>

[juju4]

would be great addition! +1