Skip to content

Setup WinRM over HTTPS and control some basic, essential settings. Also supports Puppet CA issued certificates.

License

Notifications You must be signed in to change notification settings

new23d/puppet-winrmSSL

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 
 
 
 
 

Repository files navigation

winrmSSL

Setup WinRM over HTTPS and control some basic, essential settings. Also supports Puppet CA issued certificates.

Parameters

issuer can be set to either the value of the "Issued By" field of the certificate to utilise, or the path to the certificate issuer's/authority's .PEM public certificate file.

port (default 5986) This is for HTTPS only.

maxmemoryshellpermb (default 1024) As per the WinRM setting. You may need to apply Microsoft KB2842230 for this to take effect.

maxtimeoutms (default 60000) As per the WinRM setting.

auth_basic (default true) Since you are HTTPS secured now, no harm in allowing Basic Auth.

disable_http (default true) Removes the HTTP listener completely from WinRM so that plaintext transport is simply not available.

Examples

Note that the following example uses the new23d-puppetpem2p12 module for the puppet_config_localcacert fact.

# read the path to the Puppet CA's .PEM file into a variable
$ca_to_trust = $::puppet_config_localcacert

winrmSSL {$ca_to_trust:
  ensure => present,
  issuer => $ca_to_trust,
  #port                => 5986,
  #maxmemorypershellmb => 1024,
  #maxtimeoutms        => 60000,
  #auth_basic          => true,
  #disable_http        => true
}

About

Setup WinRM over HTTPS and control some basic, essential settings. Also supports Puppet CA issued certificates.

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages