We are using only WinRM secure listeners in our environment and the default HTTP listener on tcp/5985 in the environment is removed.
We also use the builitn Password Reset and Account discovery scripting provided by PasswordState.
We have received a procedure how to manually add the -UseSSL parameter to the builtin scripts of PasswordState. This works but modified scripts will be overwritten with each update.
We would like to see te option to use -UseSSL builtin to the GUI or the scripts modified to try of the SSL listener exists and then use it. Or another clever solution ofcourse :-)