As we have seen in Setting up an Event Collecting Computer you can use either Http or Https protocol to transfer data from the forwarding to the collecting computer. Although standard Http transport uses encryption for forwarded events, you can configure event forwarding to use the encrypted Https protocol. However, using Https requires the following additional tasks to be performed on the forwarding computers:
- You need to install a certificate. You can do this automatically in Active Directory environments by using an enterprise CA.
- You need to create a Windows Firewall exception for TCP port 443. If you opted to minimize bandwidth or latency in the collecting computer's Advanced setting – Event Delivery Optimization, then you must also add a Https firewall exception rule and install a certificate on the collecting computer.
- At an elevated command prompt type: winrm quickconfig – transport:https
Finally, from the Advanced Subscription Settings on the Collecting computer you need to click the Protocol: drop-down arrow and select HTTPS as show below: