Hello! In 5.1 you could/can successfully use the well documented method to pull a certificate expiry date from a web request.
$request = Invoke-WebRequest $domainCheck -usebasicparsing -TimeoutSec 20 -ErrorAction Stop
$servicePoint = [Net.ServicePointManager]::FindServicePoint("$domainCheck")
$end = Get-Date $servicePoint.Certificate.GetExpirationDateString()
On netCore or PWSH 7 this doesn’t work, and is documented in a few github threads.
opened 03:28AM - 23 Jan 18 UTC
closed 12:34PM - 04 Nov 20 UTC
documentation
area-System.Net.Http
A typical way to obtain the server certificate after making a request via `HttpC… lient` is to use `ServicePointManager.FindServicePoint` with the URI and grab the `Certificate` property off of that.
This works fine in .NET 4.5, as evidenced by this fragment from a [workbook]:
However, in a .NET Core application, this doesn't work:
You can also see the attached project in [certificate-test.zip](https://github.com/dotnet/corefx/files/1654414/certificate-test.zip). It contains a sample you can download and `dotnet run`.
## `dotnet --info` output:
```
.NET Command Line Tools (2.1.4)
Product Information:
Version: 2.1.4
Commit SHA-1 hash: 5e8add2190
Runtime Environment:
OS Name: Windows
OS Version: 10.0.16299
OS Platform: Windows
RID: win10-x64
Base Path: C:\Program Files\dotnet\sdk\2.1.4\
Microsoft .NET Core Shared Framework Host
Version : 2.0.5
Build : 17373eb129b3b05aa18ece963f8795d65ef8ea54
```
[workbook]: https://github.com/Microsoft/workbooks
I don’t speak their language unfortunately so i have no idea how to implement their fixes in PowerShell. Can anyone advise?
I’ve been looking at this on and off since you’ve posted and haven’t found a way to implement the callback method. I did find an example or two but they didn’t work for me.
Just thought I’d post what I’ve come up with so far in case it helps you or someone else come up with a full solution. It seems to work in so far as no errors are thrown but I cannot get any output from the callback method. I don’t think anything is actually being passed to the callback method…
Using namespace System.Net.Http
Using namespace System.Security.Cryptography.X509Certificates
Using namespace System.Net.Security
function ServerCertificateCustomValidation {
param (
[HttpRequestMessage]$requestMessage,
[X509Certificate2]$certificate,
[X509Chain]$chain,
[SslPolicyErrors]$sslErrors
)
$uri = $($requestMessage.RequestUri)
return [SslPolicyErrors].None
}
$handler = New-Object -TypeName System.Net.Http.HttpClientHandler
$handler.ServerCertificateCustomValidationCallback = ServerCertificateCustomValidation
$client = New-Object -TypeName System.Net.Http.HttpClient -ArgumentList $handler
try {
$response = $client.GetAsync('https://www.powershell.org')
$statusCode = $response.Result.EnsureSuccessStatusCode()
$responseBody = $response.Result.Content.ReadAsStringAsync()
$handler.Dispose()
$client.Dispose()
}
catch {
Write-Warning "Exception Caught."
Write-Warning $_.Exception.Message
}
Write-Host $uri