Connect to target using SSL with a different name than certificate
Bypass the name check on the certificate when connecting via HTTPS WS-Man.
February 13, 2016
Q. I want to connect to a target server over HTTPS with PowerShell with a name other than its certificate common name, can I?
A. Yes this is possible but this is not something you should be doing. Using HTTPS gives the client two things; encryption and assurance the target server is who it says it is (mutual authentication). By disabling the name check the target could be anyone since the name does not have to match the certificate. To skip the name check a session option object should be created and used:
$option = New-PSSessionOption -SkipCNCheckEnter-PSSession -computerName workgroupsrv -sessionOption $option -credential $cred -useSSL
It is now possible to connect using a name other than the server name in the certificate. The encryption is still present but the mutual authentication is no longer assured.
Note that another option is -SkipCACheck which enables the connection even if the certificate is issued from a CA not trusted by the client.
About the Author
You May Also Like