User guide

User Guide NetXtreme II
September 2013
Broadcom Corporation
Document INGSRVT78-CDUM100-R Detailed Procedures Page 119
e. Click the Details tab.
f. Scroll down and select the Thumbprint field.
g. Select and copy the thumbprint in the Details window so you can insert it in the next step.
h. Return to the command prompt.
i. Enter the following command:
winrm create winrm/config/Listener?Address=*+Transport=
HTTPS @{Hostname="<HostName or IPAddress>";
CertificateThumbprint="<paste from the previous step and remove the spaces>"}
j. The above command creates a listener on the HTTPS port (5986) using any/all network address of the server, and
my SelfSSL generated certificate.
k. You can use the winrm command to modify or set the HTTPS listener, as WinRM listeners can be configured on any
user defined port.
l. From command prompt, run the following command to verify that the listener(s) that have been configured:
winrm e winrm/config/listener
2. Test HTTPS/SSL connection on the server.
a. At the command prompt on the server, enter the following command:
winrs -r:https://yourserver:5986 -u:username -p:password hostname
b. If setup correctly, the output of the command shows the server host name.
c. To check WinRM Service Configuration, run the following command:
winrm get winrm/config/service
Additional Server Configuration
If necessary, modify the firewall rules as follows:
Windows Server 2008 R2
1. From the Administrative Tools menu, open Windows Firewall with Advanced Security.
2. Right-click Inbound Rules and select New Rule.
The new rule wizard opens.
3. Select Port and click Next.
4. On the Protocol and Ports screen, select TCP and enter the specific port, for example, 5985 for HTTP or 5986 for
HTTPS.
5. Click Next.
6. On the Action screen, select Allow the connection and click Next.
7. For Profile, you can select all three profiles if your server is in a workgroup.
8. Specify a name for the rule and click Finish.
9. Ensure that the new rule and is enabled (the green check box is selected).
NOTES:
If the certificate was generated using the host name, enter the host name. If it was generated using the IP
address, enter the IP address. For an IPv6 address, use brackets [ ] around the address.
If HTTPS is configured in your system, the listener must be deleted before creating a new HTTPS listener. Use
the following command:
winrm delete winrm/config/Listener?Address=*+Transport=HTTPS