Invoke-WebRequest to a web server with self-signed SSL certificate

Question

I have an IIS website hosted in a Windows 2019 server. I enbled HTTPS/SSL using a self-signed certificate.

Now in a client machine, I wanto use Invoke-WebRequest to connect to the server using HTTPS and it fails wjith no doubt.

Invoke-WebRequest: The remote certificate is invalid according to the validation procedure: RemoteCertificateNameMismatch, RemoteCertificateChainErrors

Is there anyway to setup a custom authentication method so that I can bypass this restriction?

Answer 1

Add the -SkipCertificateCheck switch to the cmdlet.

With PS 5, I got a SSL/TLS error. But on PS 7 I got your RemoteCertificateNameMismatch error. So if you are using PS 6 or 7 you can use SkipCertificateCheck. That is not implemented on PS 5.

Answer 2

If you want to give something else a try, put this in your script before using the Invoke-WebRequest cmdlet:

[System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }

It supplies a "$true" response to all certificate checks. FYI, the "callback" mentioned in the article is the script block at the end of the line.

http://www.agarwalnishant.com/2014/07/ignore-ssl-certificate-check-in.html

Answer 3

Battled with this too long, but found solution.

If you just need to access some address, like running some sort of webhook, you can use curl, which is in windows10 by default.

No need to set separate hoops to get around certificate checking by setting global callbacks.

$response = & curl.exe --insecure -X GET "$TriggerURL"
if ($response -notmatch "ok") {
  # Failed
  ...