Listener
A management service that implements WS-Management protocol to send and receive messages. WinRM is a listener service. A listener is defined by a transport (HTTP or HTTPS) and an IPv4 or IPv6 address. You can create more than one WinRM listener instance on a single computer by giving them a different TCP/IP address or port number. (from Microsoft Website)
PS C:\Windows\system32> Get-ChildItem -Path WSMan:\localhost\Listener
WSManConfig: Microsoft.WSMan.Management\WSMan::localhost\Listener
Type Keys Name
---- ---- ----
Container {Transport=HTTPS, Address=*} Listener_1305953032
Container {Transport=HTTP, Address=*} Listener_1084132640
List the listeners
Get-ChildItem -Path WSMan:\localhost\Listener
winrm enumerate winrm/config/Listener
Create listeners
HTTP
winrm create winrm/config/Listener?Address=*+Transport=HTTP
HTTPS
The HTTPS listener needs a certificate. In the following script, we create a self-signed certificate. It’s possible of course to specify another certificate by using its thumbprint.
$computername = ([System.Net.Dns]::GetHostByName(($env:computerName)).Hostname)
$c = New-SelfSignedCertificate `
-DnsName $computername `
-CertStoreLocation cert:\LocalMachine\My
winrm create winrm/config/Listener?Address=*+Transport=HTTPS "@{Hostname=`"$computername`";CertificateThumbprint=`"$($c.ThumbPrint)`"}"
To add the necessary firewall rule:
netsh advfirewall firewall add rule name="WinRM-HTTPS" dir=in localport=5986 protocol=TCP action=allow
Delete listeners
Remove-Item -Recurse -Path WSMan:\localhost\Listener\*
Remove-Item -Recurse -Path WSMan:\localhost\Listener\Listener_1305953032
Documentation
Pretty important, the Microsoft website on the subject.