From 2958a3f82ec0124b3aac2de8d25632fdc3932587 Mon Sep 17 00:00:00 2001 From: "mhorak@totalservice.cz" Date: Mon, 25 Aug 2025 09:31:56 +0200 Subject: [PATCH] version 1.02 --- ConfigWinRM.ps1 | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/ConfigWinRM.ps1 b/ConfigWinRM.ps1 index 00f007e..30264cb 100644 --- a/ConfigWinRM.ps1 +++ b/ConfigWinRM.ps1 @@ -3,7 +3,7 @@ <#PSScriptInfo -.VERSION 1.01 +.VERSION 1.02 .GUID 14e0e777-6ba8-4f3f-b914-53c62e0a72aa @@ -41,6 +41,8 @@ Updated by David Norman Version 1.01 - Fixed issue with HTTPS when certificate in HTTPS listener doesn't match the cert in local store Updated by Michal Horák + Verison 1.02 - Fixed issue when script fails on removing listeners if only HTTP listener exists (no HTTPS listener exists) + Updated by Michal Horák #> <# @@ -647,8 +649,13 @@ if (-not $MyError -and ($RunningConfig.WinRMListeners | Where-Object { $_.Transp Write-MyLog -LOGSeverity "INFO" -LOGMessage ("Removing existing WinRM HTTPS listener") try { - Remove-WSManInstance -ResourceURI 'winrm/config/Listener' -SelectorSet $selectorset - Write-MyLog -LOGSeverity "INFO" -LOGMessage ("WinRM SSL listener removed.") + $existingHttpsListener = $RunningConfig.WinRMListeners | Where-Object { $_.Transport -eq "HTTPS" } + if ($existingHttpsListener) { + Remove-WSManInstance -ResourceURI 'winrm/config/Listener' -SelectorSet $selectorset + Write-MyLog -LOGSeverity "INFO" -LOGMessage ("WinRM SSL listener removed.") + } else { + Write-MyLog -LOGSeverity "INFO" -LOGMessage ("No WinRM HTTPS listener exists, nothing to remove.") + } } catch { Write-MyLog -LOGSeverity "ERROR" -LOGMessage ("Can't remove WinRM HTTPS listener. !!!") @@ -674,6 +681,9 @@ if (-not $MyError -and ($RunningConfig.WinRMListeners | Where-Object { $_.Transp #-------------------------------------------------------------------------------------------------- if (-not $MyError -and -not ($RunningConfig.WinRMListeners | Where-Object { $_.Transport -eq "HTTPS" } ) -and $CFG.WINRMHTTPS.ToLower() -eq "enable") { + # Check for existing HTTPS listener before creating certificate + $existingHttpsListener = Get-WSManInstance -ResourceURI winrm/config/listener -Enumerate | Where-Object { $_.Transport -eq "HTTPS" } + if (-not $existingHttpsListener) { Write-MyLog -LOGSeverity "INFO" -LOGMessage ("Creating new WinRM HTTPS listener.") try { @@ -707,6 +717,9 @@ if (-not $MyError -and ($RunningConfig.WinRMListeners | Where-Object { $_.Transp $MyError = $true } } + } else { + Write-MyLog -LOGSeverity "INFO" -LOGMessage ("WinRM HTTPS listener already exists, skipping creation and certificate issuance.") + } } #-------------------------------------------------------------------------------------------------- if (-not $MyError -and $RunningConfig.WinRMListeners)