Can Powershell Give Me Information on the Server's Certificate Used By Invoke-WebRequest?

Question

For instance, in Powershell 4,

$StackExAPIResponse = Invoke-WebRequest https://api.stackexchange.com/users/104624?site=serverfault -TimeoutSec 3 -ErrorAction Stop

That command works perfectly well, but, is there any way for me to also get the information about the SSL certificate used in that request, such as hash algorithm, expiration date, etc.?

Edit: I'd also accept something with Invoke-RestMethod, etc...

Answer 1

The PowerShell cmdlets don't have a native way to do this. You will probably have to drop down to the .Net libraries if you want certificate information.

One way of doing this will involve using the System.Net.ServicePointManager class. In specific, the FindServicePoint method.

This will have to be done as a separate operation from the Invoke-WebRequest. See the MSDN documenation for the method and the return value for more details about what you can do, but the following would give you the data you specifically mentioned. One thing to note: I noticed that when I tried calling FindServicePoint prior to actually calling Invoke-WebRequest or Invoke-RestMethod, the Certificate property on the service point was null.

$StackExAPIResponse = Invoke-WebRequest https://api.stackexchange.com/users/104624?site=serverfault -TimeoutSec 3 -ErrorAction Stop
$servicePoint = [System.Net.ServicePointManager]::FindServicePoint("https://api.stackexchange.com")
$servicePoint.Certificate.GetCertHashString()
$servicePoint.Certificate.GetExpirationDateString()