Author Posts

August 8, 2016 at 12:55 pm

Hi Guys,

I'm trying to programatically configure WinRM for a number of servers, and am having an issue with one of the commands.

winrm create winrm/config/listener?Address=*+Transport=HTTPS @{Hostname="$hostname";CertificateThumbprint="$thumbprint"}

Now – Powershell see's the @ symbol as an operator (array?) and therefore this command only works if i use single quotes before the @ and at the end of the line (and using actual values for hostname and thumbprint, but doing so means that my two variables $hostname and $thumbprint are taken as literals.

Any ideas on how to approach this?

Thanks very much.


  • This topic was modified 2 years, 2 months ago by  DanT.

August 8, 2016 at 1:06 pm

Start-Process -FilePath 'winrm.exe' -ArgumentList "create","winrm/config/listener?Address=*+Transport=HTTPS","@{Hostname='$hostname';CertificateThumbprint='$thumbprint'}" -Wait

Give that a try.

August 8, 2016 at 1:13 pm

This will probably also work:

winrm create winrm/config/listener?Address=*+Transport=HTTPS "@{Hostname=`"$hostname`";CertificateThumbprint=`"$thumbprint`"}"

That being said, you can also just create listeners via the WSMan:\ drive in PowerShell, which avoids the need for the quotes / escaping:

New-Item -Path WSMan:\localhost\Listener -Address * -Transport HTTPS -HostName $hostname -CertificateThumtprint $thumbprint
  • This reply was modified 2 years, 2 months ago by  Dave Wyatt.

August 8, 2016 at 1:29 pm

Guys – thank you very much for your help – i'll give the native powershell code a try 😉


August 8, 2016 at 2:33 pm

one thing that I don't seem to be able to do is to execute this command remotely (in my case via VMware PowerCLi Invoke-VMScript) – i get Access Denied. I'm able to generate the self-signed certificate without an issue.

Is there a limitation on the WSMan:\ namespace that means it can't be manipulated remotely?