On the Storage Replica documentation it lists one of the Pre-requisites as "Appropriate firewall and router rules to allow ICMP, SMB (port 445, plus 5445 for SMB Direct) and WS-MAN (port 5985) bi-directional traffic between all nodes."
Further down the same page it lists the command to set up WinRM as:
"winrm quickconfig"
Can Storage Replica use WinRM over https? If I try to run the command:
"winrm quickconfig -transport:https"
then I get a message which describes the properties required for a certificate:
"Message = Cannot create a WinRM listener on HTTPS because this machine does not have an appropriate certificate. To be used for SSL, a certificate must have a CN matching the hostname, be appropriate for Server Authentication, and not be expired, revoked, or self-signed.
Error number: -2144108267 0x80338115"
My question is, does Storage Replica work in the server-to-server mode over https? If so, what are the requirements re the certificates, i.e. do both machines need to use the same cert? Or do they each have their own? Do they need to share their certs and does Storage Replica handle that automatically or do I need to install both certificates on both machines, or the public cert of one machine stored on the other?
Specifically, it's over WinRM that the SR-Partnership is created. How do I set up both servers such that the New-SRPartnership command is successful, if I want the setup to use WinRM over HTTPS rather than WinRM over HTTP?
Thanks in advance.