10

When I try to use Invoke-WebRequest on https, I'm getting some weird error:

Invoke-WebRequest : The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.

Here is my code:

    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls
    $url = "https://X.X.X.X:4343/officescan/console/html/cgi/cgiChkMasterPwd.exe"
    $r = Invoke-WebRequest $url -SessionVariable office

Any advice for me?

lfurini
Scott Lee

4 Answers

12

Of course it is an issue with an invalid certificate (autosigned? expired?). If using PowerShell 7+, simply use the new parameter:

    Invoke-WebRequest -Uri 'https://trees.com/' -SkipCertificateCheck

If using PowerShell 5.1, it is a bit harder:

    # C# policy class whose check accepts every certificate, whatever the problem code
    $code = @"
            using System.Net;
            using System.Security.Cryptography.X509Certificates;
            public class TrustAllCertsPolicy : ICertificatePolicy {
                public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) {
                    return true;
                }
            }
    "@
    Add-Type -TypeDefinition $code -Language CSharp
    # Installs the policy for the rest of this PowerShell session: later HTTPS requests skip validation too
    [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
    Invoke-WebRequest -Uri 'https://trees.com/'
Mikel V.
  • I added `using System;` and `Console.WriteLine(certificate.ToString(true));` and discovered a proxy performing a MITM on my WebRequest. – davenpcj May 15 '23 at 16:55
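To see why the trust relationship fails before deciding whether to bypass validation (the check the comment above arrived at by printing the certificate), the following added example, which is not code from any poster in this thread, performs a single TLS handshake and reports the presented certificate together with the validation errors. The function name `Get-TlsTrustReport` and the host in the usage line are hypothetical.

```powershell
# Added example (not from the thread). Host name and port are caller-supplied.
function Get-TlsTrustReport {
    param(
        [Parameter(Mandatory)] [string] $HostName,
        [int] $Port = 443
    )
    $seen = @{}   # filled in by the validation callback below
    # Accepts the certificate for THIS diagnostic handshake only, so the handshake
    # completes and the validation result can be recorded. No application data is
    # sent, and the session-wide ServicePointManager settings are left untouched.
    $callback = [System.Net.Security.RemoteCertificateValidationCallback] ({
        param($source, $cert, $chain, $policyErrors)
        $seen.Errors = $policyErrors
        $seen.Chain  = @($chain.ChainStatus | ForEach-Object { $_.Status })
        $seen.Cert   = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($cert)
        $true
    }.GetNewClosure())

    $tcp = [System.Net.Sockets.TcpClient]::new()
    $ssl = $null
    try {
        $tcp.Connect($HostName, $Port)
        $ssl = [System.Net.Security.SslStream]::new($tcp.GetStream(), $false, $callback)
        # An exception here, despite the permissive callback, points at protocol
        # or cipher negotiation rather than certificate trust.
        $ssl.AuthenticateAsClient($HostName)
        [pscustomobject]@{
            Subject      = $seen.Cert.Subject
            Issuer       = $seen.Cert.Issuer
            SelfIssued   = ($seen.Cert.Subject -eq $seen.Cert.Issuer)
            NotBefore    = $seen.Cert.NotBefore
            NotAfter     = $seen.Cert.NotAfter
            Thumbprint   = $seen.Cert.Thumbprint
            PolicyErrors = $seen.Errors            # e.g. RemoteCertificateChainErrors
            ChainStatus  = $seen.Chain -join ', '  # e.g. UntrustedRoot, NotTimeValid
            Protocol     = $ssl.SslProtocol
        }
    }
    finally {
        if ($ssl) { $ssl.Dispose() }
        $tcp.Close()
    }
}

# Usage (placeholder host): Get-TlsTrustReport -HostName 'server.example' -Port 4343 | Format-List
```

An unexpected Issuer, such as an intercepting proxy's CA, is visible directly in the report, and a name mismatch shows up in PolicyErrors when the server is addressed by IP address rather than by a name on the certificate.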
1

A possible solution I have seen is this:

    [System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}

You can override the certification validation function to always return true.

It's much simpler than overriding CheckValidationResult.

Credit

Greg Burghardt
Nir Yossef
0

You should try this:

    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;
    $url = "https://X.X.X.X:4343/officescan/console/html/cgi/cgiChkMasterPwd.exe"
    $r = Invoke-WebRequest $url -SessionVariable office
PollusB
0

You can also try bypassing the PowerShell profile, in case there's something weird in there (my issue).

    powershell -noprofile
KERR