New-PSSession - The SSL certificate contains a common name (CN) that does not match the hostname

Vitooo 1 Reputation point
2021-02-09T12:36:51.093+00:00

We want to open a remote PSSession on our hybrid Exchange 2016 (OnPrem) via Powershell.

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ourServer.FQDN/PowerShell/ -Authentication Kerberos

But we get the error

Connecting to remote server OurServer failed with the following error message :

The server certificate on the destination computer (ourServer.FQDN:443) has the following errors:

The SSL certificate contains a common name (CN) that does not match the hostname.

We use Self Signed Certificates for our Clients

But for our hybrid Configuration we use a bought certificate

Is it a binding Problem in our IIS config ??

We also tried this solution to suppress the CNCheck

$SessionOpt = New-PSSessionOption -SkipCACheck:$true -SkipCNCheck:$true -SkipRevocationCheck:$true
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://<target-server-address>/powershell/ -Credential $LiveCred -SessionOption $SessionOpt
How to connect to an Exchange server via PowerShell (codetwo.com)

And get this error

The WinRM client sent a request to an HTTP server and got a response saying the requested HTTP URL was not available.

This is usually returned by a HTTP server that does not support the WS-Management protocol

Best regards

Vito

Exchange | Exchange Server | Management
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Eric Yin-MSFT 4,396 Reputation points
    2021-02-10T07:34:47.32+00:00

    Hi,
    Are you connecting to Exchange from external?
    Please check if correct certificate is selected in IIS Manager - Default web site/ Exchange back end -bindings.
    And negative to servername -Management servive, try stoping the WMSVC and select the certificate instead of the default one:66254-3.png

    Then start the service and run "iisreset" from an elevated command prompt window, see if the issue resolved.


    If an Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.