Recently the folks over on the Azure team released a bunch of improvements to Azure. One of them caught my eye. They’ve provided us a way to enable PowerShell remoting when provisioning a machine. As someone who tries to automate all things I was extremely happy to see this. Gone are the days or creating images with startup scripts set, but there is a problem…
After you provision a machine with the above check box checked. You’ll probably try something like this…
And then you’ll see the following exception:
Enter-PSSession : Connecting to remote server psremoter.cloudapp.net failed with the following error message : The server certificate on the destination computer
(psremoter.cloudapp.net:5074) has the following errors:
The SSL certificate is signed by an unknown certificate authority. For more information, see the about_Remote_Troubleshooting Help topic.
At line:11 char:1
+ Enter-PSSession -ComputerName psremoter.cloudapp.net -Port 5074 -Credential $cre …
+ CategoryInfo : InvalidArgument: (psremoter.cloudapp.net:String) [Enter-PSSession], PSRemotingTransportException
+ FullyQualifiedErrorId : CreateRemoteRunspaceFailed
Let’s take a step back and look at what I’m talking about. When you enable this feature, PSRemoting is configured for SSL and uses a self signed certificate. This certificate needs to be added to your root certificate store so that you can access the machine. Let’s do this…
This script creates a ServicePoint to get the certificate. Then adds it to your trusted store. Now your free to “Enter-PSSesion” or “Invoke-Command” all you’d like!