Trouble with winrm over ssl on port 5986
dcode opened this issue · 1 comments
dcode commented
I'm trying to run down using WinRM over SSL via vagrant in GCP. No matter what I do, when I run vagrant winrm -c "my_command"
, the WinRM communicator is set to connect to port 5985. It will try to use SSL if I specify that for the transport, but I can't get it to connect to TCP/5986.
Has anyone gotten this to work? Below I have a custom Win 10 Enterprise Eval, but I've had the same issue with the Google public 2016 server image.
Vagrant.configure("2") do |cfg|
cfg.vm.box = "google/gce"
# You can customize any of the winrm settings available in Vagrant
# however, these are the required ones to work with default public Windows images
cfg.vm.communicator = "winrm"
# >>>>> Tried overriding here
cfg.winrm.port = 5986
cfg.winrm.transport = "negotiate"
cfg.winrm.username = "vagrant"
cfg.winrm.ssl_peer_verification = false
cfg.vm.define :winbox do |winbox|
winbox.vm.synced_folder ".", "/vagrant", disabled: true
winbox.vm.provider :google do |google, override|
google.google_project_id = "my-project-id"
google.google_json_key_location = "~/.config/gcloud/my_creds.json"
google.image_family = "windows-10-21h1-ent-x64"
google.machine_type = "n2-standard-4"
google.disk_size = "50"
google.name = "winbox"
# WinRM requires TCP/UDP 5985 and 5986 open
# Add the following rules to Google Firewall Rules and assign the winrm tag
# tcp:5986; tcp:5985 udp:5986; udp:5985
# also need http-server and https-server tags set.
google.tags = ["winrm", "http-server", "https-server"]
google.on_host_maintenance = "TERMINATE"
google.zone = "my-zone-1a"
# >>>>>>>> Tried this too
override.winrm.port = 5986
# If you would like to override the default behavior, you can
# use the following flag
google.setup_winrm_password = true
end
end
end
R3dy commented
Try changing
cfg.winrm.transport = "negotiate"
to
cfg.winrm.transport = :ssl
That is working for me