brooklyn-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [1/2] brooklyn-docs git commit: Winrm connectivity limitations
Date Thu, 19 Jan 2017 13:20:46 GMT
Repository: brooklyn-docs
Updated Branches:
  refs/heads/master d2e6a6780 -> 3a1258ec7

Winrm connectivity limitations


Branch: refs/heads/master
Commit: 55d21a509d8fc521867fc4226d8153424c879813
Parents: d2e6a67
Author: Valentin Aitken <>
Authored: Sun Dec 4 22:49:04 2016 +0200
Committer: Valentin Aitken <>
Committed: Thu Jan 19 15:11:02 2017 +0200

 guide/yaml/winrm/ | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/guide/yaml/winrm/ b/guide/yaml/winrm/
index 23ebb32..168dded 100644
--- a/guide/yaml/winrm/
+++ b/guide/yaml/winrm/
@@ -513,13 +513,15 @@ Additional logs may be created by some Windows programs. For example,
MSSQL crea
 Known Limitations
-### Use of Unencrypted HTTP
+WinRM 2.0 supports encryption mechanisms on top of HTTP. However those are not supported
in Apache Brooklyn.
+For production adoptions please make sure you follow Microsoft Guidelines
-Brooklyn is currently using unencrypted HTTP for WinRM communication. This means that the
login credentials will be
-transmitted in clear text.
+### Apache Brooklyn limitations on using WinRM over HTTP and HTTPS
-In future we aim to improve Brooklyn to support HTTPS. However this requires adding support
to the underlying 
-WinRM library, and also involves certificate creation and verification.
+By default Apache Brooklyn is currently using unencrypted HTTP for WinRM communication. It
does not support encrypted HTTP for WinRM.
+HTTPS is supported but there is no mechanism of specifying which certificates to trust.
+Currently Apache Brooklyn will accept any certificate used in a HTTPS WinRM connection.
 ### Incorrect Exit Codes

View raw message