0

I'm trying to debug a script that makes an https call using Invoke-WebRequest. Since it won't allow the request due to certificate errors, I need to run the following command to disable SSL validation:

[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}

However, when I attempt to run this command I get the following error:

Unable to find type [System.Net.ServicePointManager].
At line:1 char:1
+ [System.Net.ServicePointManager]::ServerCertificateValidationCallback ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.ServicePointManager:TypeName) [], RuntimeException
    + FullyQualifiedErrorId : TypeNotFound

OS: macOS Sierra

To replicate the issue:

JasonMArcher
  • 14,195
  • 22
  • 56
  • 52
Bilbo Baggins
  • 1,029
  • 1
  • 9
  • 19

2 Answers2

1

Not really familiar with this, but... the PowerShell for OS X link you provide appears to use .NET Core. However, System.Net.ServicePointManager isn't supported by .NET Core.

Digging around, I'm able to find this StackOverflow question, which lead to this issue, and then this issue, but honestly I'm a bit lost on what's going on because the version numbers refer to so many different things. I can't tell what's current and what's not.

Bottom line is, as far as I can tell, the proper method for .Net Core is supposed to be Http​Client​Handler.​Server​Certificate​Custom​Validation​Callback in System.Net.Http, but I'm not exactly sure how you refer to that with PowerShell.

Community
  • 1
  • 1
Bacon Bits
  • 30,782
  • 5
  • 59
  • 66
1

On Windows PowerShell up until version 5, the workaround you are attempting to use was required because the Invoke-WebRequest cmdlet did not have a convenient way to ignore certificate checks.

In PowerShell 6+, because of the prevalence of self signed certificates in the Open Source world, Invoke-WebRequest was upgraded to include a lot of new switch parameters to deal with them. In particular take a look at the -SkipCertificateCheck parameter in the documentation for the cmdlet.

That parameter will allow you to accept an unknown certificate to encrypt your connection as you are attempting to do here.

Bill Hurt
  • 749
  • 1
  • 8
  • 26
  • Not sure why you don't have lots of upvotes sir. You saved me a huge headache and lots of googling! Thannk you. The -SkipCertificateCheck did it for me – Tarik.J Dec 11 '19 at 19:16