Forge Home

winrmssl

Setup WinRM over HTTPS and control some basic, essential settings. Also supports Puppet CA issued certificates.

8,155 downloads

8,155 latest version

4.6 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 0.0.2 (latest)
released Dec 8th 2015
This version is compatible with:

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'new23d-winrmssl', '0.0.2'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add new23d-winrmssl
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install new23d-winrmssl --version 0.0.2

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download
Tags: ssl, https, tls, winrm

Documentation

new23d/winrmssl — version 0.0.2 Dec 8th 2015

winrmSSL

Setup WinRM over HTTPS and control some basic, essential settings. Also supports Puppet CA issued certificates.

Parameters

issuer can be set to either the value of the "Issued By" field of the certificate to utilise, or the path to the certificate issuer's/authority's .PEM public certificate file.

port (default 5986) This is for HTTPS only.

maxmemoryshellpermb (default 1024) As per the WinRM setting. You may need to apply Microsoft KB2842230 for this to take effect.

maxtimeoutms (default 60000) As per the WinRM setting.

auth_basic (default true) Since you are HTTPS secured now, no harm in allowing Basic Auth.

disable_http (default true) Removes the HTTP listener completely from WinRM so that plaintext transport is simply not available.

Examples

Note that the following example uses the new23d-puppetpem2p12 module for the puppet_config_localcacert fact.

# read the path to the Puppet CA's .PEM file into a variable
$ca_to_trust = $::puppet_config_localcacert

winrmSSL {$ca_to_trust:
  ensure => present,
  issuer => $ca_to_trust,
  #port                => 5986,
  #maxmemorypershellmb => 1024,
  #maxtimeoutms        => 60000,
  #auth_basic          => true,
  #disable_http        => true
}