Just to clearify Packer does speak WinRM over HTTPS. See https://www.packer.io/docs/templates/communicator.html#winrm_use_ssl
On Thu, May 10, 2018, 05:22 Jordan Borean <[email protected]> wrote: > I believe the other issue is that Packer (or whatever libraries Packer > uses for WinRM) does not encrypt the WinRM data so anything over http is in > plaintext. You can disable the encryption check by running > > Set-Item -Path WSMan:\localhost\Server\AllowUnencrypted -Value $true > > This means that Windows will allow connections that do not encrypt the > data but I doubt a hardened AMI would allow this change as it is quite > insecure. What you really want to do is use a https listener which uses TLS > to encrypt the data. This requires further steps as part of your > bootstrapping process ot create the self-signed cert and https listener but > it can be done. In Ansible land we use > https://github.com/ansible/ansible/blob/devel/examples/scripts/ConfigureRemotingForAnsible.ps1 > but you will probably need to modify it to work on your AMI. > > Thanks > > Jordan > > -- > This mailing list is governed under the HashiCorp Community Guidelines - > https://www.hashicorp.com/community-guidelines.html. Behavior in > violation of those guidelines may result in your removal from this mailing > list. > > GitHub Issues: https://github.com/mitchellh/packer/issues > IRC: #packer-tool on Freenode > --- > You received this message because you are subscribed to the Google Groups > "Packer" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/packer-tool/b72debbe-86b4-4cad-b6e3-ea82883b4b70%40googlegroups.com > <https://groups.google.com/d/msgid/packer-tool/b72debbe-86b4-4cad-b6e3-ea82883b4b70%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list. GitHub Issues: https://github.com/mitchellh/packer/issues IRC: #packer-tool on Freenode --- You received this message because you are subscribed to the Google Groups "Packer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CALz9Rt-9kRMdFJZSR-syRdKr5RbP5u7Pg_KfXBFwXztd-dsavA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
