Not Processing Hex

Welcome Forums General PowerShell Q&A Not Processing Hex

This topic contains 1 reply, has 2 voices, and was last updated by

 
Participant
2 weeks, 4 days ago.

  • Author
    Posts
  • #125984

    Participant
    Points: -9
    Rank: Member

    Hello,

    Thanks in advance.

    This should be easy but I have been beating my head on this for awhile and none of my approaches have solved the problem.  I would really appreciate someone taking a look at this and going "Well here's your problem." and making me feel stupid.

    Enviorment:

    Newly installed Win 2016 server. Low spec and running on bare metal. AD, CA, and File shares are the only things on it so far.

    Goal:

    Simple remote access with Powershell

    Error:

    WS-Management service cannot process the configuration request because the certificate
    thumbprint in the request is not a valid hex string

    The story this far.......

    Server has CA installed and configured. it has a Microsoft Enerprise CA. I edited it from all to only these properties and set it to all there so that signing would work. ( Past trouble with WS-Man at the listener stage has made that part of my process)

    Client machine and user certs have been issued and imported. Server CA imported into workstation as root authority.

    The HTTPS listener service is configured and listening correctly. I can sign into the server remotely using credentials.

    The error comes when I am setting up credential authentication on the server side.

    Here is the Command I am entering and the output.

    PS C:\Windows\system32> New-item -Path WSMan:\localhost\ClientCertificate\ -Credential (Get-Credential) -Subject xxxx\xxxx -uri * -Issuer ‎e47f116c585bfd3c627ff1df0c25802076662
    cmdlet Get-Credential at command pipeline position 1
    Supply values for the following parameters:
    New-item : The WS-Management service cannot process the configuration request because the certificate
    thumbprint in the request is not a valid hex string: ‎e47f116c585bfd3c627ff1df0c25802076662.
    At line:1 char:1
    + New-item -Path WSMan:\localhost\ClientCertificate\ -Credential (Get-C ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : NotSpecified: (:) [New-Item], InvalidOperationException
    + FullyQualifiedErrorId : System.InvalidOperationException,Microsoft.PowerShell.Commands.NewItemComman

     

    Thank you.

  • #126159

    Participant
    Points: 307
    Helping Hand
    Rank: Contributor

    You are doing this to the localhost, why are you using a credential object?

    The command would just use your current identity.

    Why are you trying to install a client cert to a non-certificatestore path?

    The drive for certs is 'cert:\'

    https://blogs.technet.microsoft.com/scotts-it-blog/2014/12/30/working-with-certificates-in-powershell

    You should just use the certificate cmdlets to import the certificate to the cert store.

    https://docs.microsoft.com/en-us/powershell/module/pkiclient/import-certificate?view=win10-ps

     

You must be logged in to reply to this topic.