I believe the other issue is that Packer (or whatever libraries Packer uses for WinRM) does not encrypt the WinRM data so anything over http is in plaintext. You can disable the encryption check by running
Set-Item -Path WSMan:\localhost\Server\AllowUnencrypted -Value $true This means that Windows will allow connections that do not encrypt the data but I doubt a hardened AMI would allow this change as it is quite insecure. What you really want to do is use a https listener which uses TLS to encrypt the data. This requires further steps as part of your bootstrapping process ot create the self-signed cert and https listener but it can be done. In Ansible land we use https://github.com/ansible/ansible/blob/devel/examples/scripts/ConfigureRemotingForAnsible.ps1 but you will probably need to modify it to work on your AMI. Thanks Jordan -- This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list. GitHub Issues: https://github.com/mitchellh/packer/issues IRC: #packer-tool on Freenode --- You received this message because you are subscribed to the Google Groups "Packer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/b72debbe-86b4-4cad-b6e3-ea82883b4b70%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
