From 493ef4a559362d874b22d362fe3423a4410c6f70 Mon Sep 17 00:00:00 2001 From: Jordan Borean Date: Tue, 22 Nov 2022 06:46:48 +1000 Subject: [PATCH] WinRM - Add doc entry for cert auth over TLS 1.3 (#79434) --- docs/docsite/rst/os_guide/windows_winrm.rst | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/docs/docsite/rst/os_guide/windows_winrm.rst b/docs/docsite/rst/os_guide/windows_winrm.rst index dc95e8e0957..242cd1f7b7b 100644 --- a/docs/docsite/rst/os_guide/windows_winrm.rst +++ b/docs/docsite/rst/os_guide/windows_winrm.rst @@ -5,7 +5,7 @@ Windows Remote Management Unlike Linux/Unix hosts, which use SSH by default, Windows hosts are configured with WinRM. This topic covers how to configure and use WinRM with Ansible. -.. contents:: +.. contents:: :local: :depth: 2 @@ -117,6 +117,8 @@ be enabled by running the following in PowerShell: .. Note:: Encrypted private keys cannot be used as the urllib3 library that is used by Ansible for WinRM does not support this functionality. +.. Note:: Certificate authentication does not work with a TLS 1.3 connection. + .._winrm_certificate_generate: Generate a Certificate @@ -633,7 +635,7 @@ The WinRM protocol considers the channel to be encrypted if using TLS over HTTP recommended option as it works with all authentication options, but requires a certificate to be created and used on the WinRM listener. -If in a domain environment, ADCS can create a certificate for the host that +If in a domain environment, ADCS can create a certificate for the host that is issued by the domain itself. If using HTTPS is not an option, then HTTP can be used when the authentication