Hey everyone,

For a monitoring project i've created a script to create a certificate on a server and create a winrm https listener from the thumbprint. Script is underneath and feel free to use it :)

Now I want to execute this on a lot of servers, can anyone suggest how the best way to do this would be? I can't reboot the servers. Also any suggestions on what folder location the script would best turn on the servers would also be welcome.

Kind regards

$computername = [System.Net.DNS]::GetHostByName('').HostName
$ReqFile = "newwinrmreq.req"
$InfFile = @"
[NewRequest]`r
Subject = "CN=$computername"`r
KeySpec = 1`r
KeyLength = 2048`r
Exportable = TRUE`r
RequestType = CMC`r
[RequestAttributes]`r
CertificateTemplate= WebServerforWinRM
"@
$FinalInfFile = "Cert_Req_Inf-ComputerName-" + ".inf"
New-Item $FinalInfFile -type file -value $InfFile
cmd /c "certreq -new $FinalInfFile $ReqFile"
cmd /c "certreq -submit -attrib certificatetemplate:"WebServerforWinRM" -config fednot.be\CASERVERNAME -f newwinrmreq.req newwinrmreq.cer"
cmd /c "certreq -accept newwinrmreq.cer"
$Thumbprint = (Get-ChildItem -Path Cert:\LocalMachine\My | Where-Object {$_.Subject -match "CN\=$computername"}).Thumbprint
$hostnodom = hostname
cmd /c "setspn -s HTTPS/$computername $hostnodom"
$command1 = "winrm/config/Listener?Address=*+Transport=HTTPS @{Hostname=""" + $computername + """;CertificateThumbprint=""" + $Thumbprint + """}"
cmd /c "winrm create $command1"