Connecting to Microsoft Exchange via PowerShell is a standard administrative tasks since Exchange 2007 was released. It's available in all Exchange editions Exchange 2007, Exchange 2010, Exchange 2013, Exchange 2016 and last but not least Microsoft Office 365. To properly manage Exchange you simply need the PowerShell connectivity. While using PowerShell locally doesn't do much checks, during remote connection a lot more things gets checked. One of which are certificates.
Problem Description
During establishing remote connection to Exchange PowerShell using New-PsSession following error is received:
[ERROR] New-PSSession : [mail1.domain.local] Connecting to remote server mail1.domain.local failed with the following error message : The server certificate on the destination computer (mail1.domain.loca:443) has the following errors:
[ERROR] The SSL certificate contains a common name (CN) that does not match the hostname. For more information, see the about_Remote_Troubleshooting Help topic.
Another error that can show up during PowerShell connectivity:
[ERROR] New-PSSession : [mail1.domain.local] Connecting to remote servermail1.domain.local failed with the following error message : The server certificate on the destination computer (mail1.domain.local:443) has the following errors:
[ERROR] The SSL certificate could not be checked for revocation. The server used to check for revocation might be unreachable.
[ERROR] For more information, see the about_Remote_Troubleshooting Help topic.
Solution
While you should always use proper certificates on your servers that's not always the case. If you are sure about the server you're connecting to you can use New-PSSessionOption as part of New-PSSession connectivity.
$sessionOption = New-PSSessionOption -SkipRevocationCheck -SkipCACheck -SkipCNCheck $EXOSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri $URL -Credential $Credentials -Authentication $Authentication -AllowRedirection -Name $sessionName -SessionOption $sessionOption
As you can you see in the example above there are 3 very useful switches for New-PSSessionOption: SkipRevocationCheck, SkipCACheck, SkipCNCheck. Those are in case you get other similar errors when connecting to PowerShell remotely and should solve most of the certificates issues that may arise during connection to powershell. Just make sure the server is trusted. Finally proceed with standard Import-PSSession $EXOSession -AllowClobber.