powershell - Trusting certificate of HTTPS site in web request -


i want test if our web server (located on intranet) online (1) or offline (0) server containing using powershell 2.0. have script navigates page , check if html-string available on page.

function get-heartbeat {     $isalive = $false      try {         $webclient = new-object webclient          $username = "xxx"         $password = "xxx"         $domain = "xxx"          $url  = "oururl.com"         $html = '<input type="submit">'          $webclient.credentials = new-object system.net.networkcredential($username, $password, $domain)         $webpage = $webclient.downloadstring($url)          $isalive = $webpage.contains($html)     } catch {         # webexception thrown if status code 200 (ok)         write-host $_         $isalive = $false     }      return "$([int32]$isalive)" }

unfortunately returns error:

exception calling "downloadstring" "1" argument(s): "the underlying connection closed: not establish trust relationship ssl/tls secure channel."

a way trust our certificate create type certificate policy follows (modification of this answer):

add-type @"     using system.net;     using system.security.cryptography.x509certificates;      public class trustourcertspolicy : icertificatepolicy {         public bool checkvalidationresult(             servicepoint servicepoint, x509certificate certificate,             webrequest request, int certificateproblem)          {             return certificate.issuer.equals("our issuer")                 && certificate.subject.contains("our application");         }     } "@  [system.net.servicepointmanager]::certificatepolicy = new-object trustourcertspolicy

this still feels bit "stringly typed" instead of 100% secure.

is safe? there better way create webclient has 1 certificate accepted? certificate should trust available in cert:localmachine\my.

the correct way handle certificate errors import certificate chain (root , intermediat ca certificates) of webserver's certificate local certificate store (as trusted root ca , intermediate ca respectively). if server certificate self-signed need import server certificate trusted root ca.

another option, depending on need check, might modify algorithm. instance, if need heartbeat (not verify actual request returns specific result) try establish tcp connection port:

function get-heartbeat {   $url  = 'oururl.com'   $port = 443    $clnt = new-object net.sockets.tcpclient   try {     $clnt.connect($url, $port)     1   } catch {     0   } {     $clnt.dispose()   } }

on more recent windows versions use test-netconnection cmdlet same end:

function get-heartbeat {   $url  = 'oururl.com'   $port = 443    [int](test-net-connection -computer $url -port $port -informationlevel quiet) }

Comments

Post a Comment

Popular posts from this blog

javascript - jQuery: Add class depending on URL in the best way -

i have html progress meter: <div class="col-md-3" style="margin-left: -20px;"> <div class="progress-pos active" id="progess-1"> <div class="progress-pos-inner"> login </div> </div> </div> <div class="col-md-3 progress-pos-container"> <div class="progress-pos" id="progess-2"> <div class="progress-pos-inner"> scan items </div> </div> </div> <div class="col-md-3 progress-pos-container"> <div class="progress-pos" id="progess-3"> <div class="progress-pos-inner"> confirm address </div> </div> </div> <div class="col-md-3 progress-pos-container"> <div class="progress-pos" id="progess-4"> <div class="progress-pos-in
Read more

caching - How to check if a url path exists in the service worker cache -

i need check if particular url path exists in service worker cache. example, suppose url is: /myserviceworker/service?a=110&b=70 this url exists in cache, there many of them different values of , b. now, suppose want refresh of these urls, how can that? i want know how access key values service worker cache. if know key, plan follows: var url = new url(key); if(url.pathname === "\/myserviceworker/service") refetch key but not sure how cache key , in format is. mean, string or url? cache api has match() method returns promise resolving in response object if match or undefined if no match exists. second parameter object can specify ignoresearch not take account url parameters. the ignoresearch option supported firefox ( chrome status here ). in other hand, retrieve cache entries, can use keys() method.
Read more

Redirect to a HTTPS version using .htaccess -

i need modify .htaccess file redirect urls https version without "www". http://example.com --> https://example.com http://www.example.com --> https://example.com https://www.example.com --> https://example.com this how .htaccess file looks like: rewriteengine on rewritecond %{request_filename} !-d rewritecond %{request_filename} !-f rewriterule ^(.*)$ redirect.php?id=$1&page=$2 [qsa,l] what modifications need make .htaccess in order forward https without "www"? it depends on doing current code. looks file called redirect trying display php page seo friendly url. think might confusing people. anyway, need , force https without www, need 1 more rule above. also second rule needs two capture groups in rewriterule test string because wanting 2 different values using $1 , $2 references. rewriteengine on #rediect www non www and/or http https --- combinations. rewritecond %{http_host} !^example\.com [nc,or] rewritecond %{https} !^
Read more