certificate issue on windows 11

Question

certificate issue on windows 11

malinka-2233 opened this issue a year ago · 2 comments

Hey! There seems to be a problem with windows 11 and certificate auth. I use this to connect:

package main

import (
	"context"
	"fmt"
	"os"

	"github.com/masterzen/winrm"
)

func main() {
	key, err := os.ReadFile("key2.pem")
	if err != nil {
		panic(err)
	}
	cert, err := os.ReadFile("client2.pem")
	if err != nil {
		panic(err)
	}
	end := winrm.NewEndpoint("192.168.0.101", 5986, true, true, nil, cert, key, 0)

	params := winrm.NewParameters("PT60S", "en-US", 153600)
	params.TransportDecorator = func() winrm.Transporter {
		return &winrm.ClientAuthRequest{}
	}
	client, err := winrm.NewClientWithParameters(end, "win", "pass", params)
	if err != nil {
		panic(err)
	}
	out, errout, _, err := client.RunWithContextWithString(context.TODO(), "ipconfig", "")

	if err != nil {
		panic(err)
	}
	fmt.Println(out)
	fmt.Println(errout)
}

client2.pem was imported on the system and a certmapping was created using the same method as i used for windows 10.
But it does not connect and throws an error like this:
panic: unknown error Post "https://clientip:5986/wsman": read tcp myip:54434->clientip:5986: read: connection reset by peer

pywinrm connects using the same certs without issues. go auth on basic https works fine too.

Answer 1 · 2023-07-17T11:07:03.000Z

Can be fixed by using decade-old forks of http and tls from https://launchpad.net/~gwacl-hackers/gwacl/trunk :(

Answer 2 · 2023-07-17T14:45:24.000Z

it can also be avoided by limiting the tls version to 1.2