diff --git a/.vscode/launch.json b/.vscode/launch.json
new file mode 100644
index 0000000..c0cbb98
--- /dev/null
+++ b/.vscode/launch.json
@@ -0,0 +1,15 @@
+{
+ // Use IntelliSense to learn about possible attributes.
+ // Hover to view descriptions of existing attributes.
+ // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
+ "version": "0.2.0",
+ "configurations": [
+ {
+ "name": "PowerShell: Launch Current File",
+ "type": "PowerShell",
+ "request": "launch",
+ "script": "${file}",
+ "args": []
+ }
+ ]
+}
\ No newline at end of file
diff --git a/ConfigWinRM.ps1 b/ConfigWinRM.ps1
index 1867574..00f007e 100644
--- a/ConfigWinRM.ps1
+++ b/ConfigWinRM.ps1
@@ -3,7 +3,7 @@
 <#PSScriptInfo
-.VERSION 1.00
+.VERSION 1.01
 .GUID 14e0e777-6ba8-4f3f-b914-53c62e0a72aa
@@ -39,6 +39,8 @@
 Updated by Jordan Borean
 Updated by Erwan Quélin
 Updated by David Norman
+ Version 1.01 - Fixed issue with HTTPS when certificate in HTTPS listener doesn't match the cert in local store
+ Updated by Michal Horák
 #>
 <#
@@ -595,7 +597,31 @@ Function Run
 Write-MyLog -LOGSeverity "INFO" -LOGMessage ("Skipping changes in registry for LocalAccountTokenFilterPolicy.")
 }
 #--------------------------------------------------------------------------------------------------
- if (-not $MyError -and ($RunningConfig.WinRMListeners | Where-Object { $_.Transport -eq "HTTPS" } ) -and $CFG.WINRMHTTPS.ToLower() -eq "enable" -and $CFG.SelfCertForce.ToLower() -eq "enable" )
+# Get WinRM HTTPS listener thumbprint
+
+$winrmOutput = winrm e winrm/config/listener
+$winrmThumbprint = ($winrmOutput | Where-Object { $_ -match 'CertificateThumbprint' }) -replace '.*CertificateThumbprint\s*=\s*', ''
+
+
+# Get local self-signed certificate thumbprint (adjust subject name as needed)
+$DN = $env:COMPUTERNAME
+$cert = Get-ChildItem -Path Cert:\LocalMachine\My | Where-Object {
+ $_.Subject -like "*CN=$DN*" -and $_.Issuer -eq $_.Subject
+}
+$localThumbprint = $cert.Thumbprint
+
+# Compare the thumbprints
+ if ($localThumbprint -contains $winrmThumbprint)
+ {
+ $certisinwinrm = "yes"
+ Write-MyLog -LOGSeverity "INFO" -LOGMessage ("Self-Signed certificate is used in WinRM HTTPS listener.")
+ }
+ else
+ {$certisinwinrm = "no"
+ Write-MyLog -LOGSeverity "INFO" -LOGMessage ("Self-Signed certificate is not used in WinRM HTTPS listener.")
+ }
+
+if (-not $MyError -and ($RunningConfig.WinRMListeners | Where-Object { $_.Transport -eq "HTTPS" } ) -and $CFG.WINRMHTTPS.ToLower() -eq "enable" -and $CFG.SelfCertForce.ToLower() -eq "enable" -or $certisinwinrm -eq "no" )
 {
 Write-MyLog -LOGSeverity "INFO" -LOGMessage ("Forcing SSL Self-Certificate reissuing, and recreating WinRM HTTPS listener.")
 try
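Review bot: The `-or $certisinwinrm -eq "no"` appended to the final `if` binds looser than the preceding `-and` chain, so whenever no self-signed `CN=$env:COMPUTERNAME` certificate is found the listener is torn down and re-created regardless of `$MyError`, of whether an HTTPS listener exists at all, and of the `WINRMHTTPS`/`SelfCertForce` settings in `$CFG` — a host deliberately running a CA-issued certificate (Issuer ≠ Subject, so `$cert` is empty) would have it silently replaced by a self-signed one. Group the new clause with the option it is meant to relax: `-and ($CFG.SelfCertForce.ToLower() -eq "enable" -or $certisinwinrm -eq "no") )`. If, as the changelog line says, the goal is to catch a listener whose thumbprint is no longer in the store, compare `$winrmThumbprint` against every thumbprint in `Cert:\LocalMachine\My` rather than only the self-signed one, and note that `-contains` will not match when `winrm e` returns several `CertificateThumbprint` lines and `$winrmThumbprint` becomes an array. The new block also sits at column 0 inside `Run` and shells out to `winrm e` even when HTTPS is disabled; indenting it and placing it under the same HTTPS guard would keep it consistent with the surrounding code. `Run` starts and ends outside this hunk.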