cnspec scan winrm over http #1168
-
Hello everyone Is there a way to specify the winrm transport method and port cnspec should use for a scan? We opted to use cnspec to verify the correct system hardening of our os images. It's planned that new servers are built automatically based on these images on a regular basis, hence we'd like to avoid the configuration of a https listener for winrm during the staging process. Could the "--option" flag be used? Thanks a lot in advance |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
Hi @CedBau That is great to hear. In case you build cloud images, also have a look at https://github.com/mondoohq/packer-plugin-cnspec. To connect via winrm, you normally call:
To specify the port, you can use the following format:
As default Let me know if this was helpful. |
Beta Was this translation helpful? Give feedback.
Hi @CedBau That is great to hear. In case you build cloud images, also have a look at https://github.com/mondoohq/packer-plugin-cnspec.
To connect via winrm, you normally call:
To specify the port, you can use the following format:
As default
5986
is used. If you use port5985
, we automatically expect http listener and disable the ssl. If you use a different port, you need to set the env variableWINRM_DISABLE_HTTPS="true"
. I think it makes sense to add the option to a flag so that it is easier to discover.Let me know if this was helpful.