I had to enable unencrypted on my Windows hosts since it is disabled by default. You can check with:
winrm get winrm/config/service
winrm get winrm/config/client
REM enable unencrypted
winrm set winrm/config/service @{AllowUnencrypted="True"}
winrm set winrm/config/client @{AllowUnencrypted="True"}
Thats from a Windows Admin cmd prompt. If you use powershell, you'll need to escape a bunch - `@`{AllowUnencrypted=`"True`"`}
Typed that from memory, so syntax may be slightly off; should be able to find via google if I remembered wrong.