Monday, June 10, 2013

Updating a WinRM HTTPS expired self-signed cert

WinRM is the best API for managing Windows remotely. However, the configuration and maintenance of WinRM leave a lot to be desired. I've switched over to using a fantastic set of PowerShell scripts for configuring WinRM found here.

The certs generated by selfsignedcert.ps1 have a default expiration of 90 days. Therefore, you'll need to update the certs in short order if you use this setup.

Here's an easy step-by-step way to update the self-signed certs.

  1. Download the Windows 7.1 SDK here
  2. Copy makecert.exe from the SDK bin to your server's c:\temp\
  3. Open a command prompt to c:\temp
    1. makecert.exe -sk "%YOURHOSTNAME%" -ss My -sr LocalMachine -r -n "CN=%YOURHOSTNAME%" -a sha1 -eku "1.3.6.1.5.5.7.3.1"
  4. Open the MMC Certificates snap-in, copy the new cert's thumbprint to Notepad, and remove the spaces
  5. Open PowerShell
    1. winrm enumerate winrm/config/Listener
    2. Copy down the address you used for the HTTPS Listener
    3. Run winrm delete winrm/config/Listener?Address=%YOURADDRESS%+Transport=HTTPS
  6. Open a command prompt
    1. winrm create winrm/config/Listener?Address=%YOURADDRESS%+Transport=HTTPS @{Hostname="%YOURHOSTNAME%";CertificateThumbprint="%YOURTHUMBPRINT%"}
Hopefully this saves someone else a day's worth of work.
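
Steps 4 to 6 above (thumbprint lookup, listener delete, listener re-create) as an added PowerShell example that is not part of the original post. It assumes the cert subject is CN=<computer name> and uses the WSMan cmdlets in place of the winrm command line; $hostName and $serverAuth are names chosen here.

```powershell
# Added example, not from the original post. Run from an elevated PowerShell prompt.
# Assumption: the cert subject is CN=<computer name>, i.e. %YOURHOSTNAME% in the steps.
$hostName   = $env:COMPUTERNAME
$serverAuth = '1.3.6.1.5.5.7.3.1'   # same EKU OID that is passed to makecert -eku

# Step 4: newest unexpired cert for this host with a private key and that EKU.
# The Thumbprint property has no spaces, so nothing needs to be stripped by hand.
$cert = Get-ChildItem Cert:\LocalMachine\My | Where-Object {
    $ekus = $_.Extensions |
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] } |
        ForEach-Object { $_.EnhancedKeyUsages } | ForEach-Object { $_.Value }
    $_.Subject -eq "CN=$hostName" -and $_.HasPrivateKey -and
        $_.NotAfter -gt (Get-Date) -and ($ekus -contains $serverAuth)
} | Sort-Object NotAfter -Descending | Select-Object -First 1
if (-not $cert) { throw "No usable certificate for CN=$hostName in LocalMachine\My" }

# Step 5: enumerate the listeners and keep the HTTPS ones (there is normally one).
$listeners = @(Get-WSManInstance -ResourceURI winrm/config/Listener -Enumerate |
    Where-Object { $_.Transport -eq 'HTTPS' })
if ($listeners.Count -eq 0) { throw 'No HTTPS listener found; nothing to update.' }

foreach ($l in $listeners) {
    # Skip listeners that already point at the new cert.
    if (($l.CertificateThumbprint -replace '\s', '') -eq $cert.Thumbprint) { continue }
    $selector = @{ Address = $l.Address; Transport = 'HTTPS' }
    # Steps 5.3 and 6.1: delete the listener, then re-create it on the same address.
    Remove-WSManInstance -ResourceURI winrm/config/Listener -SelectorSet $selector
    New-WSManInstance -ResourceURI winrm/config/Listener -SelectorSet $selector `
        -ValueSet @{ Hostname = $hostName; CertificateThumbprint = $cert.Thumbprint } |
        Out-Null
}

# Report the expiry so the next renewal can be scheduled before the cert lapses.
$daysLeft = [int]($cert.NotAfter - (Get-Date)).TotalDays
'Listener cert {0} expires {1:yyyy-MM-dd} ({2} days left)' -f `
    $cert.Thumbprint, $cert.NotAfter, $daysLeft
```

Run it from a local console or RDP session rather than over WinRM itself, since removing the HTTPS listener drops any remote session that is using it.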

