If you have done much with Invoke-webrequest, and if your endpoints have an inkling of security minded people watching them, then chances are you have run into a small issue:<\/p>\n\n\n\n
Invoke-WebRequest : The request was aborted: Could not create SSL\/TLS secure channel.<\/em> <\/p>
<\/p><\/blockquote>\n\n\n\n
What’s happening here? Well, chances are that the end-point you are attempting to access has turned off TLS1.0 and 1.1, and for good reason!<\/a> There is an easy fix, however. Just simply place a single line of code in your script above the invoke-webrequest:<\/p>\n\n\n\n
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12<\/code><\/pre>\n\n\n\nGreat! Post done, walk away. <\/p>\n\n\n\n
But…..I have about 10000 scripts…..<\/h2>\n\n\n\n
That one line works great if you have just a handful of scripts that you run, but what if you need to do this for a large company – maybe a large enterprise? Well, it turns out that your profile can help.<\/p>\n\n\n\n
First off – there are multiple PowerShell profiles on a system, but for this instance, let’s focus on the All-Users\/All-Hosts profile (also sometimes referred to as the System profile). Depending on the flavor of PowerShell you are running – Microsoft vs Windows – the System profile will be in different locations. Not to fear, however, cause $PSHome will show you where the profile is located. Create your profile (if you haven’t already) in the $PSHome directory. The name of the file should be “profile.ps1”.<\/p>\n\n\n\n
Now – place the Net.ServicePointManager line you would normally place in a single script into your System profile and save it. Whenever an invoke-webrequest is run from this system, it will automatically use the TLS1.2 protocol. Updating a few systems that run your scripts is a lot easier than updating thousands of scripts, and this will save you a ton of time.<\/p>\n","protected":false},"excerpt":{"rendered":"
If you have done much with Invoke-webrequest, and if your endpoints have an inkling of security minded people watching them, then chances are you have run into a small issue: Invoke-WebRequest : The request was aborted: Could not create SSL\/TLS secure channel. What’s happening here? Well, chances are that the end-point you are attempting to … Continue reading “Powershell – Security in your profile”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-368","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/draith.com\/index.php?rest_route=\/wp\/v2\/posts\/368","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/draith.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/draith.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/draith.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/draith.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=368"}],"version-history":[{"count":0,"href":"https:\/\/draith.com\/index.php?rest_route=\/wp\/v2\/posts\/368\/revisions"}],"wp:attachment":[{"href":"https:\/\/draith.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=368"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/draith.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=368"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/draith.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=368"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}