Exchange 2016:- The SSL certificate contains a common name (cn) that does not match the hostname.
In Exchange 2016 or even later or earlier versions, you might have configured your virtual directories and have an error in it but did not notice the error. Here is a common error that pops up when the PowerShell virtual directory is set to https and not http and WS-MAN is listening on http and not https:
The first thing to do here is start troubleshooting, let’s look at the PowerShell virtual directory properties, you can do so by typing the following command from an elevated Exchange Management Shell (EMS):
- Get-PowerShellVirtualDirectory -Server Server1 | fl
We are interested in the InternalUrl, as you can see above, it is set to https. You can achieve the same result by opening up the Exchange Admin Center and then clicking on Servers on the left and then Virtual Directories on the top right and you can select the server you want to view. Before you go an update the InternalUrl, let’s take a look at the winrm configuration, to do so let’s run the following command from an elevated command prompt:
- winrm e winrm/config/listener
As you can see above, the Transport section is set to HTTP and not HTTPS as defined in the InternalUrl in the PowerShell Virtual Directory.
Now you can go ahead and update the InternalUrl for the PowerShell Virtual Directory to use HTTP and if you run the command or script you were running initially, it should pass and not give any errors.
Hope it helps.