By default, Windows remoting requests are unencrypted. An HTTPS listener can be created to support encryption. Before attempting to create an HTTPS listener, a certificate is required.

Using a self-signed certificate is often the first step when configuring SSL. Windows 10 comes with a PKI module that can be used to create a certificate. In the following example, a self-signed certificate is created in the computer's personal store:

PS> New-SelfSignedCertificate -DnsName $env:COMPUTERNAME
PSParentPath: Microsoft.PowerShell.SecurityCertificate::LocalMachineMY
Thumbprint                               Subject
----------                               -------
D8D2F174EE1C37F7C2021C9B7EB6FEE3CB1B9A41 CN=SSLTEST

Once the certificate has been created, an HTTPS listener may be created using the WSMan drive:

New-Item -Path WSMan:localhostListener -Address * -Transport HTTPS -CertificateThumbprint 'D8D2F174EE1C37F7C2021C9B7EB6FEE3CB1B9A41'  -Force 

The Force parameter is used to suppress a confirmation prompt.