Menu
I've got this beautiful one liner which calls a webservice of mine via Task Scheduler:
-ExecutionPolicy unrestricted -Command "(New-Object Net.WebClient).DownloadString(\"https://127.0.0.1/xxx\")"
But my webservice has SSL now and I want to make a local call so it gives an SSL exception. So is there a way to ignore the SSL warning with this one liner?
896
[System. Net. ServicePointManager]::ServerCertificateValidationCallback = {$true} ; Since you're using this in a task-scheduler, I'd add it before the DownloadString command with a ';' to seperate the two commands.
To bypass SSL certificate validation for local and test servers, you can pass the -k or --insecure option to the Curl command. This option explicitly tells Curl to perform "insecure" SSL connections and file transfers. Curl will ignore any security warnings about an invalid SSL certificate and accept it as valid.
With the one-liner you don't have many options in ignoring the SSL-warning (with the WebClient downloadstring method).
You could try doing this before invoking the command :
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ;
Since you're using this in a task-scheduler, I'd add it before the DownloadString command with a ';' to seperate the two commands.
This should do the trick, which would set the callback in the session:
-ExecutionPolicy unrestricted -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true};(New-Object Net.WebClient).DownloadString(\"127.0.0.1/xxx\")"
If you have a newer Powershell installation (check if you have the invoke-webrequest cmdlet available), you can use this cmdlet in addtion to a security policy. Still not a one-liner, but this should do the trick :
add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}
}
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
$result = Invoke-WebRequest -Uri ""https://127.0.0.1/xxx"
Try to see if that works from a normal host, if so, you could bundle it in a simple script and use this in your scheduled task.
138
If you're looking to implement a conditional policy, use the following.
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {
param(
[object]$sender,
[Security.Cryptography.X509Certificates.X509Certificate] $certificate,
[Security.Cryptography.X509Certificates.X509Chain] $chain,
[Net.Security.SslPolicyErrors] $sslPolicyErrors
)
# Implement your custom logic here
$true
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
