Powershell v3 Invoke-WebRequest HTTPS错误
使用Powershell v3的Invoke-WebRequest和Invoke-RestMethod我已经成功地使用POST方法将json文件发布到https网站。
我正在使用的命令是
$cert=New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("cert.crt") Invoke-WebRequest -Uri https://IPADDRESS/resource -Credential $cred -certificate $cert -Body $json -ContentType application/json -Method POST 但是,当我尝试使用GET方法,如:
Invoke-WebRequest -Uri https://IPADDRESS/resource -Credential $cred -certificate $cert -Method GET
以下错误被返回
Invoke-RestMethod : The underlying connection was closed: An unexpected error occurred on a send. At line:8 char:11 + $output = Invoke-RestMethod -Uri https://IPADDRESS/resource -Credential $cred + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand
我已经尝试使用下面的代码来忽略SSL证书,但我不确定它是否真的做任何事情。
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
有人可以提供一些指导什么这里可能会出错,以及如何解决它?
谢谢
此解决方法为我工作: http : //connect.microsoft.com/PowerShell/feedback/details/419466/new-webserviceproxy-needs-force-parameter-to-ignore-ssl-errors
基本上,在您的PowerShell脚本中:
add-type @" using System.Net; using System.Security.Cryptography.X509Certificates; public class TrustAllCertsPolicy : ICertificatePolicy { public bool CheckValidationResult( ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) { return true; } } "@ [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy $result = Invoke-WebRequest -Uri "https://IpAddress/resource"
你有没有尝试使用System.Net.WebClient ?
$url = 'https://IPADDRESS/resource' $wc = New-Object System.Net.WebClient $wc.Credentials = New-Object System.Net.NetworkCredential("username","password") $wc.DownloadString($url)
Lee的回答非常好,但是我也遇到了Web服务器支持哪些协议的问题。
在添加下面几行之后,我可以通过https请求。 正如在这个答案中指出https://stackoverflow.com/a/36266735
$AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12' [System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols
我的完整解决scheme与李的代码。
add-type @" using System.Net; using System.Security.Cryptography.X509Certificates; public class TrustAllCertsPolicy : ICertificatePolicy { public bool CheckValidationResult( ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) { return true; } } "@ $AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12' [System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
以下工作适用于我(并使用最新的非弃用手段与SSL Certs /callbackfunction进行交互),并且不会尝试在同一个PowerShell会话中多次加载相同的代码:
if (-not ([System.Management.Automation.PSTypeName]'ServerCertificateValidationCallback').Type) { $certCallback=@" using System; using System.Net; using System.Net.Security; using System.Security.Cryptography.X509Certificates; public class ServerCertificateValidationCallback { public static void Ignore() { if(ServicePointManager.ServerCertificateValidationCallback ==null) { ServicePointManager.ServerCertificateValidationCallback += delegate ( Object obj, X509Certificate certificate, X509Chain chain, SslPolicyErrors errors ) { return true; }; } } } "@ Add-Type $certCallback } [ServerCertificateValidationCallback]::Ignore();
这是从以下文章改编的https://d-fens.ch/2013/12/20/nobrainer-ssl-connection-error-when-using-powershell/
我发现,当我使用这个callback函数忽略SSL证书[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
我总是收到错误消息Invoke-WebRequest : The underlying connection was closed: An unexpected error occurred on a send. 这听起来像你正在的结果。
我发现这个论坛post ,导致我下面的function。 我在我的其他代码的范围内运行一次,它适用于我。
函数Ignore-SSLCertificates
{
$ Provider = New-Object Microsoft.CSharp.CSharpCodeProvider
$ Compiler = $ Provider.CreateCompiler()
$ Params = New-Object System.CodeDom.Compiler.CompilerParameters
$ Params.GenerateExecutable = $ false
$ Params.GenerateInMemory = $ true
$ Params.IncludeDebugInformation = $ false
$ Params.ReferencedAssemblies.Add(“System.DLL”)> $ null
$ TASource = @”
命名空间Local.ToolkitExtensions.Net.CertificatePolicy
{
公共类TrustAll:System.Net.ICertificatePolicy
{
公共布尔CheckValidationResult(System.Net.ServicePoint sp,System.Security.Cryptography.X509Certificates.X509Certificate证书,System.Net.WebRequest req,int问题)
{
返回true;
}
}
}
“@
$ TAResults = $ Provider.CompileAssemblyFromSource($ PARAMS,$ TASource)
$ TAAssembly = $ TAResults.CompiledAssembly
##我们创build一个TrustAll的实例,并将其附加到ServicePointManager
$ TrustAll = $ TAAssembly.CreateInstance(“Local.ToolkitExtensions.Net.CertificatePolicy.TrustAll”)
[System.Net.ServicePointManager] :: CertificatePolicy = $ TrustAll
}
如果你以pipe理员身份运行,那么这个错误应该消失
我试图在EM7 OpenSource REST API上search文档。 到目前为止没有运气。
http://blog.sciencelogic.com/sciencelogic-em7-the-next-generation/05/2011
有很多关于OpenSource REST API的讨论,但没有链接到实际的API或任何文档。 也许我很不耐烦。
这里有几件事你可以试试
$a = Invoke-RestMethod -Uri https://IPADDRESS/resource -Credential $cred -certificate $cert $a.Results | ConvertFrom-Json
试试这个来看看你是否可以过滤掉从API获得的列
$a.Results | ft
或者,你也可以尝试使用这个
$b = Invoke-WebRequest -Uri https://IPADDRESS/resource -Credential $cred -certificate $cert $b.Content | ConvertFrom-Json
curl样式头
$b.Headers
我使用twitter JSON API来testingIRM / IWR。
$a = Invoke-RestMethod http://search.twitter.com/search.json?q=PowerShell
希望这可以帮助。
- 运行这个命令
New-SelfSignedCertificate -certstorelocation cert:\ localmachine \ my -dnsname {your-site-hostname}
在PowerShell中使用pipe理员权限 ,这将生成个人目录中的所有证书
- 要摆脱隐私错误,请select这些证书,右键单击→复制。 并粘贴在受信任的根证书颁发机构/证书。
- 最后一步是在IIS中select正确的绑定。 转到IIS网站,select绑定,selectSNIcheckbox,并为每个网站设置单独的证书。
确保网站主机名和证书的dns-name应该完全匹配
