2

I am trying to use the Invoke-WebRequest cmdlet (for the first time) to connect to the web interface for a Sharp printer. So far, the code I have is the following: 

$cred = Get-Credential
$url = 'http://<IP address of printer>/login.html?/main.html'
$login = Invoke-WebRequest $url -SessionVariable printer -Method Get
$login.Forms[0].Fields.element10002 = $cred.UserName
$login.Forms[0].Fields.element10002 = 
$cred.GetNetworkCredential().Password
$mainPage = Invoke-WebRequest -Uri ($url + $login.Forms[0].Action) ` 
    -WebSession $printer -Body $login -Method Post

...but I keep getting this error:

Invoke-WebRequest : The underlying connection was closed: The connection
was closed unexpectedly.
At line:6 char:13
+ $mainPage = Invoke-WebRequest -Uri ($url + $login.Forms[0].Action) -W 
...
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: 
(System.Net.HttpWebRequest
:HttpWebRequest) [Invoke-WebRequest], WebException
+ FullyQualifiedErrorId : 
WebCmdletWebResponseException,Microsoft.Powe
rShell.Commands.InvokeWebRequestCommand

This line of code does not cause an error:

$login = Invoke-WebRequest $url -SessionVariable printer -Method Get

But this line does:

$mainPage = Invoke-WebRequest -Uri ($url + $login.Forms[0].Action) ` 
    -WebSession $printer -Body $login -Method Post

I am using PS version 5.1, and Tls12 on a Windows 7 box. After some Googling, it seems like this problem might have something to do with the version of Tls. but I'm not sure what to change it to.

Does anybody have any ideas? - @leah_cyberpadawan

Leah_CyberPadawan
  • 35
  • 1
  • 2
  • 9
  • Possible duplicate of [Powershell v3 Invoke-WebRequest HTTPS error](https://stackoverflow.com/questions/11696944/powershell-v3-invoke-webrequest-https-error) – Maximilian Burszley Sep 25 '18 at 15:11
  • By default, Windows PowerShell's AppDomain does not support TLSv1.2 which is likely the cause of your problem. If following the advice of the linked answer does not work, also consider setting your `ServicePointManager`: `[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor [System.Net.SecurityProtocolType]::Tls12` – Maximilian Burszley Sep 25 '18 at 15:12
  • @TheIncorrigible1, thanks for the input. I tried the solutions, but I still got the error. One of the comments on the other post said PS 5.1 blocks tls12 and 11 by default. So maybe I need to somehow unblock it? – Leah_CyberPadawan Sep 25 '18 at 15:46
  • It doesn't *block* them, but it does not *accept* them as a default. You can verify which protocols are enabled by looking at `[Net.ServicePointManager]::SecurityProtocol` Did you try my suggestion? – Maximilian Burszley Sep 25 '18 at 16:29
  • @TheIncorrigible1, the protocols that are currently enabled are Ssl3, Tls, Tls11, Tls12, and I did try your code. The Invoke command skilled errored. – Leah_CyberPadawan Sep 25 '18 at 16:50
  • Did you try the answer from the other question and it failed? If all that is true, try launching a new console, set the `SecurityProtocol` and then set the `::ServerCertificateValidationCallback` to `= {$true}` – Maximilian Burszley Sep 25 '18 at 16:59
  • @TheIncorrigible1, I did try the answer from the other question and it didn't work. I also tried what you just suggested (open a new console, set the securityprotocol and the ServerCertificateValidationCallback) and it still errored. – Leah_CyberPadawan Sep 25 '18 at 17:56

1 Answers1

3

The following two solutions have worked for me when working with endpoints that may have self-signed certificates or TLS 1.2-only supported:

[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor [System.Net.SecurityProtocolType]::Tls12
Add-Type -TypeDefinition @'
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy
{
    public bool CheckValidationResult(ServicePoint sp, X509Certificate cert, WebRequest req, int certProblem)
    {
        return true;
    }
}
'@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object -TypeName TrustAllCertsPolicy

[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor [System.Net.SecurityProtocolType]::Tls12
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
Maximilian Burszley
  • 18,243
  • 4
  • 34
  • 63