Facing issues with WinRM connection

Deepa Yr

unread,

Apr 7, 2016, 7:10:56 AM4/7/16

to Ansible Project

WinRM is already set up to receive requests on this computer.

WinRM has been updated for remote management.

Created a WinRM listener on HTTP://* to accept WS-Man requests to any IP on this machine.

WinRM firewall exception enabled.

Configured LocalAccountTokenFilterPolicy to grant administrative rights remotely to local users.

(Legacy) Self-signed SSL certificate generated; thumbprint: DCDC74FDA8CADDB6667804DA9A683CA72D79C77A

New-WSManInstance : The WinRM client cannot process the request. The certificate CN and the hostname that were

provided do not match.

At C:\ConfigureRemotingForAnsible.ps1:145 char:5

+ New-WSManInstance -ResourceURI 'winrm/config/Listener' -SelectorSet $selecto ...

+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+ CategoryInfo : InvalidOperation: (:) [New-WSManInstance], InvalidOperationException

+ FullyQualifiedErrorId : WsManError,Microsoft.WSMan.Management.NewWSManInstanceCommand

Getting above error.

I checked $env.ComputerName which is used for CN and hostname values are same. Still I am getting above error.

Need help in resolving this

Thanks

Deepa

J Hawkesworth

unread,

Apr 8, 2016, 5:53:31 AM4/8/16

to Ansible Project

Can you try re-running the script https://raw.githubusercontent.com/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1 please?

Which version of Windows are you running against?

Deepa Yr

unread,

Apr 10, 2016, 10:48:19 PM4/10/16

to Ansible Project

I tried running the script and noticed the same issue.

I am trying this on Windows 2008 R2 and Windows 2008 SP2.

I have upgraded to Powershell 3

J Hawkesworth

unread,

Apr 12, 2016, 9:23:25 AM4/12/16

to Ansible Project

Do you have the legacy winrm connectors set up (winrm originally listened on ports 80 (http) and 443 (https)?

If you don't need these, then please remove them - there is an open defect regarding handling legacy listeners which stops the setup module from gathering facts.

If you do need the legacy listeners please comment on the bug report which is here: https://github.com/ansible/ansible/issues/14643

Also its possible your machines do have changed hostnames. There is a Pull Request to fix this problem here https://github.com/ansible/ansible/pull/15275

Please can you try the ConfigureRemotingForAnsible.ps1 script from the Pull Request - here:

https://raw.githubusercontent.com/Cryptophobia/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1

but run with the ForceNewSSLCert option (like this)

.\ConfigureRemotingForAnsible.ps1 -ForceNewSSLCert true

If you could comment on the https://github.com/ansible/ansible/pull/15275 with the results of your testing that would be helpful.

Many thanks,

Jon

Fahd Ajmal Sheikh

unread,

Dec 19, 2016, 9:02:06 PM12/19/16

to Ansible Project

Hi,

was this issue resolved?

I am getting a similar issue when running the prep script. I tried using the "-ForceNewSSLCert true" switch but it did not resolve the issue.

I am unable to add new hosts to the env due to this failure.

J Hawkesworth

unread,

Dec 20, 2016, 7:12:13 AM12/20/16

to Ansible Project

What error do you get when you try to connect?

Reply all

Reply to author

Forward