Http tests don't work against https URLs with invalid certs

Question

Http tests don't work against https URLs with invalid certs

kenerwin88 opened this issue 8 years ago · 4 comments

When attempting to do an http check against a URL with an invalid SSL certificate (which is common in dev/qa environments), the check fails with:

Invoke-RestMethod : The underlying connection was closed: An unexpected error occurred on a send.

I believe the solution is to add:

# Added for dealing with invalid certificates.
add-type -TypeDefinition  @"
    using System.Net;
    using System.Security.Cryptography.X509Certificates;
    public class TrustAllCertsPolicy : ICertificatePolicy {
        public bool CheckValidationResult(
            ServicePoint srvPoint, X509Certificate certificate,
            WebRequest request, int certificateProblem) {
            return true;
        }
    }

"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy

to the http.ps1 file.

Answer 1 · 2016-08-24T16:11:16.000Z

I think that will have to be a function option as failing for invalid certs is also a valid scenario. The other caveat is once that TypeDefinition is loaded, it persists for other web requests you might make in that Powershell session.

Answer 2 · 2016-09-10T18:32:23.000Z

@kenerwin88, I'm still now sure how I feel about including this in the function. You can just include that snippet in the setup of your test script for now.

Answer 3 · 2016-09-28T20:57:46.000Z

I think this should be left out of the official functionality (because of the type definition persisting), but should be included in the docs.

Answer 4 · 2018-02-05T14:38:02.000Z

Because this is global to the PS Session, I don't want to include it in the module. It can be added to the calling script if that functionality is needed.