Powershell Invoke-RestMethod using Self-Signed Certificates and Basic Authentication - Any Examples?

问题

I'm playing with a RESTful API and using the Firefox RESTClient plugin all is well. I can easily query the API.

However, when I try to plug the same API call into powershell it doesn't work!

I've tried the following code from various other posts which should rule out certificate issues but I still can not get this to work:

    # This nugget should help me to get around any self-signed certificate issues I believe

    $netAssembly =[Reflection.Assembly]::GetAssembly([System.Net.Configuration.SettingsSection])

    if($netAssembly)
    {
        $bindingFlags = [Reflection.BindingFlags] "Static,GetProperty,NonPublic"
        $settingsType = $netAssembly.GetType("System.Net.Configuration.SettingsSectionInternal")

        $instance = $settingsType.InvokeMember("Section", $bindingFlags, $null, $null, @())

        if($instance)
        {
            $bindingFlags = "NonPublic","Instance"
            $useUnsafeHeaderParsingField = $settingsType.GetField("useUnsafeHeaderParsing", $bindingFlags)

            if($useUnsafeHeaderParsingField)
            {
              $useUnsafeHeaderParsingField.SetValue($instance, $true)
            }
        }
    }

    [System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}

    $headers = @{"AUTHORIZATION"="Basic YWRtaW46Y2xvdWQ="}

    # I exported this certificate from the web browser
    $cert=New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("HPCSA.crt")

    Invoke-RestMethod -Uri https://192.168.5.3:8444/csa/rest/login/CSA-Provider/admin -Certificate $cert -Headers $headers -Method Get`

I'm not able to replicate this using Powershell V3's Invoke-RestMethod and was wondering if someone could share sample code for accessing a HTTPS restful API that has a self-signed certificate and also use basic authorization.

Error Message I get:

PS C:\Users\landg> C:\Users\landg\Documents\Scripts\CSA API\CSA_API_DEMO_take2.ps1
Invoke-RestMethod : Unable to connect to the remote server
At C:\Users\landg\Documents\Scripts\CSA API\CSA_API_DEMO_take2.ps1:31 char:1
+ Invoke-RestMethod -Uri https://192.168.5.3:8444/csa/rest/login/CSA-Provider/admi ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand

回答1:

The source of my solution

Using this gets me onto the actual server....now with a HTTP 500 error but this error is for another day.

Here my "working" snippet :

     add-type @"
        using System.Net;
        using System.Security.Cryptography.X509Certificates;

            public class IDontCarePolicy : ICertificatePolicy {
            public IDontCarePolicy() {}
            public bool CheckValidationResult(
                ServicePoint sPoint, X509Certificate cert,
                WebRequest wRequest, int certProb) {
                return true;
            }
        }
    "@
    [System.Net.ServicePointManager]::CertificatePolicy = new-object IDontCarePolicy 

    Invoke-RestMethod -Uri https://192.168.5.3:8444/csa/rest/login/CSA-Provider/admin -Headers @{"AUTHORIZATION"="Basic YWRtaW46Y2xvdWQ="} -Method Get

Hopefully this will help someone else from several frustrating hours :)

回答2:

[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}

来源：https://stackoverflow.com/questions/12187634/powershell-invoke-restmethod-using-self-signed-certificates-and-basic-authentica