From 035ce0a29babcea83f94d51d8a9d6a63d3c29234 Mon Sep 17 00:00:00 2001 From: Jordan Borean Date: Tue, 22 Nov 2022 07:04:07 +1000 Subject: WinRM - Add doc entry for cert auth over TLS 1.3 (#79434) (#79435) (cherry picked from commit 493ef4a559362d874b22d362fe3423a4410c6f70) --- docs/docsite/rst/os_guide/windows_winrm.rst | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/docsite/rst/os_guide/windows_winrm.rst b/docs/docsite/rst/os_guide/windows_winrm.rst index dc95e8e095..242cd1f7b7 100644 --- a/docs/docsite/rst/os_guide/windows_winrm.rst +++ b/docs/docsite/rst/os_guide/windows_winrm.rst @@ -5,7 +5,7 @@ Windows Remote Management Unlike Linux/Unix hosts, which use SSH by default, Windows hosts are configured with WinRM. This topic covers how to configure and use WinRM with Ansible. -.. contents:: +.. contents:: :local: :depth: 2 @@ -117,6 +117,8 @@ be enabled by running the following in PowerShell: .. Note:: Encrypted private keys cannot be used as the urllib3 library that is used by Ansible for WinRM does not support this functionality. +.. Note:: Certificate authentication does not work with a TLS 1.3 connection. + .._winrm_certificate_generate: Generate a Certificate @@ -633,7 +635,7 @@ The WinRM protocol considers the channel to be encrypted if using TLS over HTTP recommended option as it works with all authentication options, but requires a certificate to be created and used on the WinRM listener. -If in a domain environment, ADCS can create a certificate for the host that +If in a domain environment, ADCS can create a certificate for the host that is issued by the domain itself. If using HTTPS is not an option, then HTTP can be used when the authentication -- cgit v1.2.1