0

I'm calling Invoke-RestMethod in a PowerShell script to upload a zip archive to an Artifactory repository. I tested the script from my local machine PowerShell ISE; upload complete without issue as expected. However, when I execute the script on the intended target machine, I'm seeing an error returned:

The request was aborted: Could not create SSL/TLS secure channel.

I've read numerous online posts related to this error; consensus appears to be to add the following line immediately before the Invoke-RestMethod call in the script:

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls -bor [Net.SecurityProtocolType]::Tls11 -bor [Net.SecurityProtocolType]::Tls12 -bor [Net.SecurityProtocolType]::Ssl3

I added this line but the issue persists.

Execution of the following PowerShell:

[Net.ServicePointManager]::SecurityProtocol

returns:

Ssl3, Tls, Tls11, Tls12 suggesting that all available protocols are enabled.

My script snippet now looks like this:

$headers = @{"X-JFrog-Art-Api" = $artifactoryApiKey}        
    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls -bor [Net.SecurityProtocolType]::Tls11 -bor [Net.SecurityProtocolType]::Tls12 -bor [Net.SecurityProtocolType]::Ssl3

    $return=Invoke-RestMethod -Uri $uri -InFile $sourceFile -Method Put -Headers $headers

As stated above, this script executes without issue on my local machine.

.Net 4.6.1 installed on server returning error.

The Furious Bear
  • 592
  • 4
  • 16
  • 31
  • When nothing works https://learn.microsoft.com/en-us/mem/configmgr/core/plan-design/security/enable-tls-1-2-client sometimes you need to check the registry; this helped me in similar situations https://pastebin.com/GyBHmvjy (make a backup of the subtree in question first) – wp78de Nov 02 '20 at 00:01

1 Answers1

1

I don't offer an explanation, but perhaps a solution for some. I was having the same exact issue: PowerShell invoke-RestMethod worked locally but not when run from the intended (Windows 2012 R2) server. I receive the same TLS/SSL error. I read a lot about the TLS handshake and other technotes, and tested suggestions like:

  1. Setting the security protocol as noted in the original question
  2. Enabling TLS protocol in the registry
  3. Listing and comparing Cipher Suites.

In the end, I couldn't get PowerShell to work. HOWEVER, the rest call works from the server using curl.exe in command line. If you see this, I recommend stop trying to troubleshoot PowerShell and give curl a try. I found this and this helpful in writing my first curl.exe rest calls.

Christine Schoenen
  • 11
  • 2