/ Sitecore

WinRM over HTTPS for a Sitecore 9.1 SIF Distributed Installation

If you want to perform a Sitecore 9.1 SIF Distributed Installation you will need to ensure that WinRM operates over HTTPS. This is because Sitecore 9.1 contains SSL based endpoints (ex. Solr, Sitecore Roles, etc.). This can be achieved via the following steps:

  • Ensure that Port 5986 is open on your network and in between your machines, as well as, the default WinRM Port of 5985. A great guide if you are using Azure is as follows: https://www.techdiction.com/2016/02/11/configuring-winrm-over-https-to-enable-powershell-remoting/
  • Create a self-signed cert on Distributor and install this to the Personal Certificates of the local machine on each target. You do not need the root cert for it to work. The PowerShell for creating a self-signed cert is as follows. Ensure that you export it as a PFX with Private Keys.
# Create Cert
New-SelfSignedCertificate -DnsName mycomputer.mydomain.com -CertStoreLocation Cert:\LocalMachine\My
  • On the distributer and target VMs configure WinRM to listen on 5986. This is achieved by adding an HTTPS listener bound to your self-signed certificate. You will need to run the following in a Command Prompt as an Administrator (not PowerShell). NOTE: Replace the thumbprint with the thumbprint of the certificate you created above.
# Add HTTPS Listener with Binding to Certificate
winrm create winrm/config/Listener?Address=*+Transport=HTTPS @{Hostname="mycomputer.mydomain.com"; CertificateThumbprint="BCA8C65A7D9E39431ED6FA77C6F87BC75D698730"}
  • Check that the WinRM listeners are now using HTTPS and bound to your certificate. You will need to run the following in a Command Prompt as an Administrator (not PowerShell). 
# Check Listeners
WinRM e winrm/config/listener

Once you have confirmed that each machine has the certificate and is listening over HTTPS for WinRM (along with any network considerations), the Sitecore 9.1 SIF should be able to proceed with successfully connecting. Without that, you are likely to get an error akin to:

Connecting to remote server mycomputer.mydomain.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.