Using Powershell v3’s Invoke-WebRequest and Invoke-RestMethod I have succesfully used the POST method to post a json file to a https website.
The command I’m using is
$cert=New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("cert.crt")
Invoke-WebRequest -Uri https://IPADDRESS/resource -Credential $cred -certificate $cert -Body $json -ContentType application/json -Method POST
However when I attempt to use the GET method like:
Invoke-WebRequest -Uri https://IPADDRESS/resource -Credential $cred -certificate $cert -Method GET
The following error is returned
Invoke-RestMethod : The underlying connection was closed: An unexpected error occurred on a send.
At line:8 char:11
+ $output = Invoke-RestMethod -Uri https://IPADDRESS/resource -Credential $cred
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand
I have attempted using the following code to ignore SSL cert, but I’m not sure if its actually doing anything.
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
What might be going wrong here and how to fix it?
desertnaut
57.1k23 gold badges137 silver badges165 bronze badges
asked Jul 27, 2012 at 23:39
3
This work-around worked for me:
http://connect.microsoft.com/PowerShell/feedback/details/419466/new-webserviceproxy-needs-force-parameter-to-ignore-ssl-errors
Basically, in your PowerShell script:
add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}
}
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
$result = Invoke-WebRequest -Uri "https://IpAddress/resource"
answered Apr 5, 2013 at 19:20
Lee GrissomLee Grissom
9,6355 gold badges36 silver badges46 bronze badges
6
Lee’s answer is great, but I also had issues with which protocols the web server supported.
After also adding the following lines, I could get the https request through. As pointed out in this answer https://stackoverflow.com/a/36266735
$AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12'
[System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols
My full solution with Lee’s code.
add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}
}
"@
$AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12'
[System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
answered Sep 16, 2017 at 13:43
AndOsAndOs
1,2849 silver badges6 bronze badges
10
An alternative implementation in pure powershell (without Add-Type
of c# source):
#requires -Version 5
#requires -PSEdition Desktop
class TrustAllCertsPolicy : System.Net.ICertificatePolicy {
[bool] CheckValidationResult([System.Net.ServicePoint] $a,
[System.Security.Cryptography.X509Certificates.X509Certificate] $b,
[System.Net.WebRequest] $c,
[int] $d) {
return $true
}
}
[System.Net.ServicePointManager]::CertificatePolicy = [TrustAllCertsPolicy]::new()
answered Mar 19, 2019 at 16:59
Invoke-WebRequest «DomainName» -SkipCertificateCheck
You can use -SkipCertificateCheck Parameter to achieve this as a one-liner command ( THIS PARAMETER IS ONLY SUPPORTED ON CORE PSEDITION )
answered May 19, 2020 at 8:56
2
Did you try using System.Net.WebClient
?
$url = 'https://IPADDRESS/resource'
$wc = New-Object System.Net.WebClient
$wc.Credentials = New-Object System.Net.NetworkCredential("username","password")
$wc.DownloadString($url)
answered Jul 31, 2012 at 12:51
6
The following worked worked for me (and uses the latest non deprecated means to interact with the SSL Certs/callback functionality), and doesn’t attempt to load the same code multiple times within the same powershell session:
if (-not ([System.Management.Automation.PSTypeName]'ServerCertificateValidationCallback').Type)
{
$certCallback=@"
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
public class ServerCertificateValidationCallback
{
public static void Ignore()
{
if(ServicePointManager.ServerCertificateValidationCallback ==null)
{
ServicePointManager.ServerCertificateValidationCallback +=
delegate
(
Object obj,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors errors
)
{
return true;
};
}
}
}
"@
Add-Type $certCallback
}
[ServerCertificateValidationCallback]::Ignore();
This was adapted from the following article
https://d-fens.ch/2013/12/20/nobrainer-ssl-connection-error-when-using-powershell/
answered Aug 2, 2016 at 19:33
I found that when I used the this callback function to ignore SSL certificates [System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
I always got the error message Invoke-WebRequest : The underlying connection was closed: An unexpected error occurred on a send.
which sounds like the results you are having.
I found this forum post which lead me to the function below. I run this once inside the scope of my other code and it works for me.
function Ignore-SSLCertificates
{
$Provider = New-Object Microsoft.CSharp.CSharpCodeProvider
$Compiler = $Provider.CreateCompiler()
$Params = New-Object System.CodeDom.Compiler.CompilerParameters
$Params.GenerateExecutable = $false
$Params.GenerateInMemory = $true
$Params.IncludeDebugInformation = $false
$Params.ReferencedAssemblies.Add("System.DLL") > $null
$TASource=@'
namespace Local.ToolkitExtensions.Net.CertificatePolicy
{
public class TrustAll : System.Net.ICertificatePolicy
{
public bool CheckValidationResult(System.Net.ServicePoint sp,System.Security.Cryptography.X509Certificates.X509Certificate cert, System.Net.WebRequest req, int problem)
{
return true;
}
}
}
'@
$TAResults=$Provider.CompileAssemblyFromSource($Params,$TASource)
$TAAssembly=$TAResults.CompiledAssembly
## We create an instance of TrustAll and attach it to the ServicePointManager
$TrustAll = $TAAssembly.CreateInstance("Local.ToolkitExtensions.Net.CertificatePolicy.TrustAll")
[System.Net.ServicePointManager]::CertificatePolicy = $TrustAll
}
answered Mar 26, 2013 at 0:50
Aaron DAaron D
5,8171 gold badge35 silver badges51 bronze badges
I tried searching for documentation on the EM7 OpenSource REST API. No luck so far.
http://blog.sciencelogic.com/sciencelogic-em7-the-next-generation/05/2011
There’s a lot of talk about OpenSource REST API, but no link to the actual API or any documentation.
Maybe I was impatient.
Here are few things you can try out
$a = Invoke-RestMethod -Uri https://IPADDRESS/resource -Credential $cred -certificate $cert
$a.Results | ConvertFrom-Json
Try this to see if you can filter out the columns that you are getting from the API
$a.Results | ft
or, you can try using this also
$b = Invoke-WebRequest -Uri https://IPADDRESS/resource -Credential $cred -certificate $cert
$b.Content | ConvertFrom-Json
Curl Style Headers
$b.Headers
I tested the IRM / IWR with the twitter JSON api.
$a = Invoke-RestMethod http://search.twitter.com/search.json?q=PowerShell
desertnaut
57.1k23 gold badges137 silver badges165 bronze badges
answered Aug 1, 2012 at 3:21
1
These registry settings affect .NET Framework 4+ and therefore PowerShell. Set them and restart any PowerShell sessions to use latest TLS, no reboot needed.
Set-ItemProperty -Path 'HKLM:SOFTWAREWow6432NodeMicrosoft.NetFrameworkv4.0.30319' -Name 'SchUseStrongCrypto' -Value '1' -Type DWord
Set-ItemProperty -Path 'HKLM:SOFTWAREMicrosoft.NetFrameworkv4.0.30319' -Name 'SchUseStrongCrypto' -Value '1' -Type DWord
See https://learn.microsoft.com/en-us/dotnet/framework/network-programming/tls#schusestrongcrypto
answered Sep 5, 2018 at 22:10
Jeremy CookJeremy Cook
20.7k9 gold badges71 silver badges77 bronze badges
1
Using a vpn and changing your location from there works completely fine.
I wasn’t able to access raw.githubusercontent.com as in my country, my isp has blocked that url, I tried using a vpn and now it works very well.
answered May 21 at 6:20
1
- Run this command
New-SelfSignedCertificate -certstorelocation cert:localmachinemy -dnsname {your-site-hostname}
in powershell using admin rights, This will generate all certificates in Personal directory
- To get rid of Privacy error, select these certificates, right click → Copy. And paste in Trusted Root Certification Authority/Certificates.
- Last step is to select correct bindings in IIS. Go to IIS website, select Bindings, Select SNI checkbox and set the individual certificates for each website.
Make sure website hostname and certificate dns-name should exactly match
answered May 26, 2017 at 14:37
Доброго времени суток, помогите решить проблему : при попытке сделать запрос на сайт sscasino.online дает ошибку xNet.HttpException" в xNet.dll ("Не удалось установить SSL-соединение с HTTP-сервером 'sscasino.online'.") xNet.HttpException
(xNET)
и
System.Net.WebException" в System.dll ("Базовое соединение закрыто: Непредвиденная ошибка при передаче.") System.Net.WebException
(WebRequest)
request.UserAgent = useragent;
request.IgnoreProtocolErrors = true;
request.SslCertificateValidatorCallback += (sender, certificate, chain, sslPolicyErrors) => true;
var result = request.Get(link);
и
WebRequest req = WebRequest.Create(Url);
WebResponse resp = req.GetResponse();
Stream stream = resp.GetResponseStream();
StreamReader sr = new StreamReader(stream);
string Out = sr.ReadToEnd();
sr.Close();
При этом, если включить http debbuger pro, то запросы идут нормально. Тестил на
нескольких машинах
задан 22 июн 2017 в 8:45
3
xNet
не будет работать из коробки:
xNet
основан наSslStream
и использует протокол по умолчанию:sslStream.AuthenticateAsClient(address.Host);
xNet GitHub- протокол
SslStream
у должен быть уcтановлен так:
sslStream.AuthenticateAsClient(address.Host, null, SslProtocols.Tls12, true);
MSDN
Два варианта:
- внести вклад в GitHub xNet с изменением выше
- cкомпилировать xNet локально с изменением выше
ТАКЖЕ:
Можно попытаться установить протокол по умолчанию где-нибудь вначале (Global.asax -> Startup если есть):
System.Net.ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls12;
или
ServicePointManager.SecurityProtocol |= (SecurityProtocolType)3072;
Я не пытался проверить, работает ли этот последний вариант
ответ дан 29 июн 2017 в 17:56
user270576user270576
4814 серебряных знака6 бронзовых знаков
1
Для WebRequest
надо было добавить строку ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
Для xNet
так и не разобрался
ответ дан 22 июн 2017 в 9:44
LolidzeLolidze
1,3701 золотой знак12 серебряных знаков26 бронзовых знаков
Для того чтобы получить контент страницы можно воспользоваться классом HttpClient
из библиотеки Microsoft HTTP Client Libraries:
private static async Task<string> GetContentFromPageAsync(string page)
{
System.Net.ServicePointManager.SecurityProtocol =
SecurityProtocolType.Tls12 |
SecurityProtocolType.Tls11 |
SecurityProtocolType.Tls;
using (var client = new HttpClient())
using (var response = await client.GetAsync(page))
using (var content = response.Content)
{
var result = await content.ReadAsStringAsync();
return result;
}
}
Использование:
static void Main(string[] args)
{
var content = GetContentFromPageAsync("https://sscasino.online/").Result;
Console.WriteLine(content);
}
// Создаем прокси.
var proxyUri = string.Format("{0}:{1}", proxyServerAddress, proxyServerPort);
var proxyCredential = new NetworkCredential(proxyUserName, proxyUserPassword);
var proxy = new WebProxy(proxyUri, false)
{
UseDefaultCredentials = false,
Credentials = proxyCredential
};
// Создаем ClientHandler.
HttpClientHandler httpClientHandler = new HttpClientHandler()
{
Proxy = proxy,
PreAuthenticate = true,
UseDefaultCredentials = false,
};
var client = new HttpClient(httpClientHandler);
ответ дан 27 июн 2017 в 11:57
sp7sp7
5,2593 золотых знака20 серебряных знаков39 бронзовых знаков
11
Протоколы HTTP через SSL используют правильно выданный сертификат для проверки.
Можно исползовать делегат RemoteCertificateValidationCallback
для проверки SSL-сертификата.
public static void ConnSSL()
{
WebRequest request = WebRequest.Create(Url);
request.Proxy = null;
request.Credentials = CredentialCache.DefaultCredentials;
//Проверяет SSL-сертификаты
ServicePointManager.ServerCertificateValidationCallback += new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
Stream dataStream = response.GetResponseStream();
StreamReader reader = new StreamReader(dataStream);
string responseFromServer = reader.ReadToEnd();
}
public static bool ValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
return true;
}
Дополнительная информация о RemoteCertificateValidationCallback
protected override WebRequest GetWebRequest(Uri uri)
{
HttpWebRequest webRequest = (HttpWebRequest) base.GetWebRequest(uri);
webRequest.KeepAlive = false;
return webRequest;
}
ссылка GetWebRequest
ответ дан 27 июн 2017 в 12:23
Vardan VardanyanVardan Vardanyan
1,3071 золотой знак13 серебряных знаков30 бронзовых знаков
3
What should have been just another quick PowerShell script performing a WebRequest to get some data, turned into a debugging session when both the Invoke-RestMethod and Invoke-WebRequest PowerShell commands were returning; The underlying connection was closed: An unexpected error occurred on a send.
Invoke-RestMethod
Here is the PowerShell Invoke-RestMethod response that returns: The underlying connection was closed: An unexpected error occurred on a send.
Invoke-RestMethod : The underlying connection was closed: An unexpected error occurred on a send. At line:1 char:15 + ... postdata2 = Invoke-RestMethod -Uri $post.URL -Method Get -UserAgent $ ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand
Invoke-WebRequest
Here is the PowerShell Invoke-WebRequest response that returns: The underlying connection was closed: An unexpected error occurred on a send.
Invoke-WebRequest : The underlying connection was closed: An unexpected error occurred on a send. At line:3 char:21 + ... $postdata = Invoke-WebRequest -Uri $post.URL -Method Get -UserAgent $ ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand
Due to PowerShell defaults, it’s not unusual to have issues with TLS. The ambiguous nature of this error did however make me jump to the conclusion that I probably just needed to enforce TLS 1.2. This can be done using this PowerShell one-liner:
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
However, in this situation that wasn’t the fix. Thinking it was still TLS related I checked out the SSL Certificate for the URI I was making my webrequests against. Looking at the certificate showed it was valid.
Solution
After a lot of searching I was able to work around the problem using scenarios from (here and here), however they weren’t ideal.
The resolution and solution I’m using to resolve the problem is to allow TLS, TLS 1.1 and TLS 1.2.
Insert the following line before invoking your PowerShell WebRequest using either Invoke-RestMethod or Invoke-WebRequest.
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls -bor [Net.SecurityProtocolType]::Tls11 -bor [Net.SecurityProtocolType]::Tls12
Summary
Hopefully this helps others experiencing this error, and allows me to quickly find it again next time I encounter this issue.
Also checkout my PowerShell Snippets Vol 1 and Vol 2 for other simple resolutions to ambiguous errors and tasks.
The underlying connection was closed: an unexpected error occurred on a send.
To resolve the PowerShell “underlying connection was closed” error, in your PowerShell script enable TLS:
Add the following line before your Invoke-RestMethod or Invoke-WebRequest call;
- [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls -bor
[Net.SecurityProtocolType]::Tls11 -bor [Net.SecurityProtocolType]::Tls12
Applies To : PowerShell
Сегодня получится краткий обзор об исключении, которое возникает при попытке получить содержимое страницы с использованием метода GetResponse() класса WebRequest. При этом страницы сайтов, получаемые через незащищенное соединение (протокол HTTP), отрабатывают без каких-либо ошибок. А вот, если вы захотите получить страницу через защищенное соединение (протокол HTTPS), то могут возникнуть некоторые трудности.
Внимание! Не для всех страниц с протоколом HTTPS возникает исключительная ситуация. Например, исключение может быть при использовании сайтом бесплатного сертификата Let’s Encrypt, использующего TLS шифрование.
Самые распространенные исключения, которые возникают:
System.Net.WebException: "Базовое соединение закрыто: Непредвиденная ошибка при передаче. "IOException: Не удается прочитать данные из транспортного соединения: Удаленный хост принудительно разорвал существующее подключение. SocketException: Удаленный хост принудительно разорвал существующее подключение
Ниже приведу пример кода для получения содержимого web-страницы (рабочий вариант):
using System; using System.IO; using System.Net; namespace ConsoleApp1 { class Program { static void Main(string[] args) { string url = "https://www.petrolplus.ru"; // Без этой строки возможно выскакивание исключения! ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12; WebRequest request = WebRequest.Create(url); request.Credentials = CredentialCache.DefaultCredentials; WebResponse response = request.GetResponse(); Console.WriteLine(((HttpWebResponse)response).StatusDescription); Stream dataStream = response.GetResponseStream(); StreamReader reader = new StreamReader(dataStream); string responseFromServer = reader.ReadToEnd(); Console.WriteLine(responseFromServer); reader.Close(); response.Close(); Console.ReadKey(); } } }
Как видно из примера кода строка ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12
гарантирует, что не будет проблем с сертификатом. Здесь мы присваиваем протокол TLS 1.2.
Спасибо всем за внимание.
Если вы нашли ошибку, пожалуйста, выделите фрагмент текста и нажмите Ctrl+Enter.
- Remove From My Forums
-
Вопрос
-
Всем доброго дня! Помогите с проблемой
$Url = "http://site/file.exe" $Path = "D:1.exe" $WebClient = New-Object System.Net.WebClient $WebClient.DownloadFile($url,$path)
при выполнении
Исключение при вызове «DownloadFile» с «2» аргументами: «Исключение во время запроса WebClient.»
строка:4 знак:1
+ $webclient.DownloadFile($fileURL,$fileName)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : WebExceptionчто не так? Help?
Ответы
-
Проверьте путь, указанный для сохранения файла. Попробуйте скачать файл в другое место.
-
Помечено в качестве ответа
14 октября 2013 г. 9:37
-
Помечено в качестве ответа
Эта ошибка довольно специфична, что делает ее потенциально экологической проблемой на вашем хосте или в вашей корпоративной среде, поскольку опубликованный вами код должен / работает как есть.
# Tested on a few lab hosts
$AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12'
[System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols
Invoke-WebRequest -Uri https://aka.ms/downloadazcopy-v10-windows -OutFile $env:C:tempazcopy.zip -Verbose
Get-ChildItem C:temp
# Results
<#
VERBOSE: GET https://aka.ms/downloadazcopy-v10-windows with 0-byte payload
VERBOSE: received 9317519-byte response of content-type application/zip
Directory: C:temp
Mode LastWriteTime Length Name
---- ------------- ------ ----
-a---- 9/11/2020 8:45 PM 9317519 azcopy.zip
#>
Но на самом деле вам это нужно только в верхней части вашего кода.
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Вы можете узнать больше об ошибке, запустив код, позвольте ошибке произойти, а затем используя
$Error[0] | Format-List -Force
Вы также можете узнать больше с помощью командлета Trace-Command.
Trace-Command -Name metadata,parameterbinding,cmdlet -Expression {
Invoke-WebRequest -Uri https://aka.ms/downloadazcopy-v10-windows -OutFile $env:C:tempazcopy.zip
} -PSHost
# Results
<#
DEBUG: ParameterBinding Information: 0 : BIND NAMED cmd line args [Invoke-WebRequest]
DEBUG: ParameterBinding Information: 0 : BIND arg [https://aka.ms/downloadazcopy-v10-windows] to parameter [Uri]
DEBUG: ParameterBinding Information: 0 : COERCE arg to [System.Uri]
DEBUG: ParameterBinding Information: 0 : Trying to convert argument value from System.String to System.Uri
DEBUG: ParameterBinding Information: 0 : CONVERT arg type to param type using LanguagePrimitives.ConvertTo
DEBUG: ParameterBinding Information: 0 : CONVERT SUCCESSFUL using LanguagePrimitives.ConvertTo: [https://aka.ms/downloadazcopy-v10-windows]
DEBUG: ParameterBinding Information: 0 : Executing VALIDATION metadata: [System.Management.Automation.ValidateNotNullOrEmptyAttribute]
DEBUG: ParameterBinding Information: 0 : BIND arg [https://aka.ms/downloadazcopy-v10-windows] to param [Uri] SUCCESSFUL
DEBUG: ParameterBinding Information: 0 : BIND arg [tempazcopy.zip] to parameter [OutFile]
DEBUG: ParameterBinding Information: 0 : COERCE arg to [System.String]
DEBUG: ParameterBinding Information: 0 : Parameter and arg types the same, no coercion is needed.
DEBUG: ParameterBinding Information: 0 : BIND arg [tempazcopy.zip] to param [OutFile] SUCCESSFUL
DEBUG: ParameterBinding Information: 0 : BIND POSITIONAL cmd line args [Invoke-WebRequest]
DEBUG: ParameterBinding Information: 0 : MANDATORY PARAMETER CHECK on cmdlet [Invoke-WebRequest]
DEBUG: ParameterBinding Information: 0 : CALLING BeginProcessing
DEBUG: ParameterBinding Information: 0 : CALLING EndProcessing
#>
При попытке задействовать удаленные ресурсы лучше всего проверить работоспособность / соединение, прежде чем принимать меры. Обычно это Test-Connection/Test-NetConection, но в вашем случае один из командлетов Invoke-* был бы более разумным.
Invoke-WebRequest -Uri ‘https://aka.ms/downloadazcopy-v10-windows’ -UseBasicParsing
# Results
<#
StatusCode : 200
StatusDescription : OK
Content : {80, 75, 3, 4...}
RawContent : HTTP/1.1 200 OK
Content-MD5: HjZjoPa87mg1bK4eVQqASQ==
x-ms-request-id: aa4341fb-e01e-00a6-0c94-810077000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Connect...
Headers : {[Content-MD5, HjZjoPa87mg1bK4eVQqASQ==], [x-ms-request-id, aa4341fb-e01e-00a6-0c94-810077000000], [x-ms-version, 2009-09-19],
[x-ms-lease-status, unlocked]...}
RawContentLength : 9317519
#>
См. Также эту статью.
What should have been just another quick PowerShell script performing a WebRequest to get some data, turned into a debugging session when both the Invoke-RestMethod and Invoke-WebRequest PowerShell commands were returning; The underlying connection was closed: An unexpected error occurred on a send.
Invoke-RestMethod
Here is the PowerShell Invoke-RestMethod response that returns: The underlying connection was closed: An unexpected error occurred on a send.
Invoke-RestMethod : The underlying connection was closed: An unexpected error occurred on a send. At line:1 char:15 + ... postdata2 = Invoke-RestMethod -Uri $post.URL -Method Get -UserAgent $ ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand
Invoke-WebRequest
Here is the PowerShell Invoke-WebRequest response that returns: The underlying connection was closed: An unexpected error occurred on a send.
Invoke-WebRequest : The underlying connection was closed: An unexpected error occurred on a send. At line:3 char:21 + ... $postdata = Invoke-WebRequest -Uri $post.URL -Method Get -UserAgent $ ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand
Due to PowerShell defaults, it’s not unusual to have issues with TLS. The ambiguous nature of this error did however make me jump to the conclusion that I probably just needed to enforce TLS 1.2. This can be done using this PowerShell one-liner:
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
However, in this situation that wasn’t the fix. Thinking it was still TLS related I checked out the SSL Certificate for the URI I was making my webrequests against. Looking at the certificate showed it was valid.
Solution
After a lot of searching I was able to work around the problem using scenarios from (here and here), however they weren’t ideal.
The resolution and solution I’m using to resolve the problem is to allow TLS, TLS 1.1 and TLS 1.2.
Insert the following line before invoking your PowerShell WebRequest using either Invoke-RestMethod or Invoke-WebRequest.
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls -bor [Net.SecurityProtocolType]::Tls11 -bor [Net.SecurityProtocolType]::Tls12
Summary
Hopefully this helps others experiencing this error, and allows me to quickly find it again next time I encounter this issue.
Also checkout my PowerShell Snippets Vol 1 and Vol 2 for other simple resolutions to ambiguous errors and tasks.
The underlying connection was closed: an unexpected error occurred on a send.
To resolve the PowerShell “underlying connection was closed” error, in your PowerShell script enable TLS:
Add the following line before your Invoke-RestMethod or Invoke-WebRequest call;
- [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls -bor
[Net.SecurityProtocolType]::Tls11 -bor [Net.SecurityProtocolType]::Tls12
Applies To : PowerShell
I am trying to connect to an external api website. I don’t know details around how REST/JSON works, but I want to use powershell to download a csv file via GET method. I could successfully connect via CURL, but with powershell I cannot, and am exhausted.
CURL:
curl.exe -v -H «Accept: application/json» -u APIKEY: «https://»
Powershell:
Invoke-RestMethod -Uri ‘https://’ -Headers @{«AUTHORIZATION»=»Basic «} -Method Get
I always receive following error:
the underlying connection was closed an unexpected error occurred on a send and the underlying connection was closed an unexpected error occurred on a receive
I tried using following script for certificate:
add-type @»
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}
}
«@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
$result = Invoke-WebRequest -Uri «https://IpAddress/resource»
Source: http://stackoverflow.com/questions/11696944/powershell-v3-invoke-webrequest-https-error
still no luck.
Can someone help me understand what I am doing wrong?
Update# 2:
Basic is followed by Base64Encoded API KEY. This is what I see when I use the API Web, the one website provides:
{
«Accept»: «application/json»,
«Authorization»: «Basic Base64Encode»,
«Content-Length»: 0,
«x-forwarded-for»: «Source IP»
}
I upgraded to v4
PS C:> $PSVersionTable.PSVersion
Major Minor Build Revision
—– —– —– ——–
4 0 -1 -1
and also used:
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
since TLS1.2 is the requirement, still same error:
Invoke-RestMethod : The underlying connection was closed: An unexpected error occurred on a receive.
At line:1 char:1
+ Invoke-RestMethod -Method Get -Uri ‘https:////// …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], We
eption
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand
If I don’t use https, then it says:
Unable to connect to the remote server
I have an existing REST API that accept x-www-form-urlencoded. The API need parameter apikey, and tested successfully in Postman as shown below.
However I need to invoke this API using Powershell.Below is my code :
$params = @{"apikey"="abcd1234"}
Invoke-WebRequest -Uri http://localhost:3030/api/v1/usergroupsync -Method POST -Body $params
#also tried below, no avail.
Invoke-RestMethod -Uri http://localhost:3030/api/v1/usergroupsync -Method POST -Body $params
However I encountered this error :
Invoke-WebRequest : The underlying connection was closed: An unexpected error occured on a receive At line:14 char:1
+ Invoke-WebRequest -Uri http://localhost:3030/api/v1/usergroupsync -Method POST -...
+==============================================================================
+ CategoryInfo : InvalidOperations: (System.Net.HttpWebRequest:HTTTpWebRequest) [Invoke-WebRequest], WebException
+ FullyQualifiedErrorId : WebcmdletWebResponseException,Microsoft.Powershell.Commands.InvokeWebRequest
If I remove -Body, there is no error, and Response was as expected «API Key is not valid» which means my REST API validate correctly.
So I suspect the reason if my issue is on the body? Any idea on how to solve this issue?
PS Version is 4.0.0
PS C:> $PSVersionTable.PSVersion
Major Minor Build Revision
----- ----- ----- --------
4 0 -1 -1
-
#1
Привет всем, разбираюсь с telegram bot API, решил набросать основу на powershell. Но в самом начале ошибка:
Код:
PS C:bot> $token = "тут мой токен"
PS C:bot> $URL_get = "https://api.telegram.org/bot$token/getUpdates"
PS C:bot> $URL_set = "https://api.telegram.org/bot$token/sendMessage"
PS C:bot> Invoke-RestMethod -Uri $URL_get
Ошибка вот такая
Invoke-RestMethod : Базовое соединение закрыто: Непредвиденная ошибка при передаче.
строка:1 знак:1
+ Invoke-RestMethod -Uri $URL_get
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebExc
eption
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand
Подскажите из за чего ??
Последнее редактирование модератором: 23.04.2020
-
#2
телеграм же запрещен, если из России запускаете, вот вы и не можете соединиться. Можно попробовать через прокси какой нибудь
-
#3
Привет всем, разбираюсь с telegram bot API, решил набросать основу на powershell. Но в самом начале ошибка:
Код:
PS C:bot> $token = "тут мой токен" PS C:bot> $URL_get = "https://api.telegram.org/bot$token/getUpdates" PS C:bot> $URL_set = "https://api.telegram.org/bot$token/sendMessage" PS C:bot> Invoke-RestMethod -Uri $URL_get
Ошибка вот такая
Подскажите из за чего ??
попробуйте подключаться через прокси.
-
#4
Привет всем, разбираюсь с telegram bot API, решил набросать основу на powershell. Но в самом начале ошибка:
Код:
PS C:bot> $token = "тут мой токен" PS C:bot> $URL_get = "https://api.telegram.org/bot$token/getUpdates" PS C:bot> $URL_set = "https://api.telegram.org/bot$token/sendMessage" PS C:bot> Invoke-RestMethod -Uri $URL_get
Ошибка вот такая
Подскажите из за чего ??
телеграм заблочен в РФ.
Попробуйте поискать бесплатный VPN, например TunnelBear или прокси
Последнее редактирование: 24.04.2020
-
#5
жаль, а есть аналоги телеграм ботов ?
-
#6
жаль, а есть аналоги телеграм ботов ?
Microsoft Bot Framework
Hi everyone,
To Introduce myself : Working as a Power BI Developer with PBI Admin access.
My Powershell script stoped working suddenly and prompting me an error saying the underlying connection was closed. This was all working fine few days back.
Here is a part of my script that calls REST API to export the reprot in pdf format.
Login-PowerBI
$groupid = «Hidden»
$Reportid = «Hidden»
$Folder = «c:temp»
$Body = «{`”format`”:`”pdf`”}»
$filename = $Folder + «PowerBIMetrics.pdf»
$StatusCheck=0
# Get token
$token = Get-PowerBIAccessToken -AsString
##write-host $token
# Building Rest API header with authorization token
$authHeader = @{
«Authorization»= $token
«Content-Type» = «application/json»
}
$url1 = «https://api.powerbi.com/v1.0/myorg/groups/$groupid/reports/$Reportid/ExportTo»
Invoke-RestMethod -Method Post -uri $url1 -Headers $authHeader -body $Body
I have tried to look for solution and many of them (Power BI community/ DBA) is saying I need to add extra line of code below before I execute the Invoke-ResMethod command line,
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Unfortunately, I’m getting same error message.
Thank you.
Eric
I am pretty new to PowerShell and am trying to use REST methods for an application which require OAuth2.0 Authentication.
I have written the following using this https://msdn.microsoft.com/en-us/library/hh454950.aspx as a reference:
$ClientID = 'david_web'
$client_Secret = 'Secret_123'
$Uri = "https://target_server/api/token"
$Body = "grant_type=password=$ClientID&username=$client_Secret"
$admAuth=Invoke-RestMethod -Uri $Uri -Body $Body -Method Post
$HeaderValue = "Bearer " + $admauth
$uri = "https://target_server/api/v1.0/discovery";
$result = Invoke-RestMethod -Uri $uri -Headers @{Authorization = $HeaderValue}
$result.string.'#text'
When I run this I get:
Invoke-RestMethod : The underlying connection was closed: An unexpected error
occurred on a send.
If I try the following from Linux:
curl -k -i -X POST -d 'grant_type=password&username=david_web&password=Secret_123' https://target_server/api/token
It works but I have to include the -k option. How do I do the same on PowerShell?
Edit:
Running just this:
$ClientID = 'david_web'
$client_Secret = 'Secret_123'
$Uri = "https://target_server/api/token"
$Body = 'grant_type=password&username=$ClientID&password=$client_Secret'
$admAuth = Invoke-RestMethod -Method Post -Uri $Uri -Body $Body
Returns:
[ERROR] Invokenvoke-RestMethod : The underlying connection was closed: An unexpected error
[ERROR] occurred on a send.
[ERROR] At C:datavisual studio 2015ProjectsPSDiscoveryRESTGetToken.ps1:34 [ERROR] char:12
[ERROR] + $admAuth = Invoke-RestMethod -Method Post -Uri $Uri -Body $Body
[ERROR] + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ERROR] + CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:Htt
[ERROR] pWebRequest) [Invoke-RestMethod], WebException
[ERROR] + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShe
[ERROR] ll.Commands.InvokeRestMethodCommand
I am pretty new to PowerShell and am trying to use REST methods for an application which require OAuth2.0 Authentication.
I have written the following using this https://msdn.microsoft.com/en-us/library/hh454950.aspx as a reference:
$ClientID = 'david_web'
$client_Secret = 'Secret_123'
$Uri = "https://target_server/api/token"
$Body = "grant_type=password=$ClientID&username=$client_Secret"
$admAuth=Invoke-RestMethod -Uri $Uri -Body $Body -Method Post
$HeaderValue = "Bearer " + $admauth
$uri = "https://target_server/api/v1.0/discovery";
$result = Invoke-RestMethod -Uri $uri -Headers @{Authorization = $HeaderValue}
$result.string.'#text'
When I run this I get:
Invoke-RestMethod : The underlying connection was closed: An unexpected error
occurred on a send.
If I try the following from Linux:
curl -k -i -X POST -d 'grant_type=password&username=david_web&password=Secret_123' https://target_server/api/token
It works but I have to include the -k option. How do I do the same on PowerShell?
Edit:
Running just this:
$ClientID = 'david_web'
$client_Secret = 'Secret_123'
$Uri = "https://target_server/api/token"
$Body = 'grant_type=password&username=$ClientID&password=$client_Secret'
$admAuth = Invoke-RestMethod -Method Post -Uri $Uri -Body $Body
Returns:
[ERROR] Invokenvoke-RestMethod : The underlying connection was closed: An unexpected error
[ERROR] occurred on a send.
[ERROR] At C:datavisual studio 2015ProjectsPSDiscoveryRESTGetToken.ps1:34 [ERROR] char:12
[ERROR] + $admAuth = Invoke-RestMethod -Method Post -Uri $Uri -Body $Body
[ERROR] + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ERROR] + CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:Htt
[ERROR] pWebRequest) [Invoke-RestMethod], WebException
[ERROR] + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShe
[ERROR] ll.Commands.InvokeRestMethodCommand
#.net #azure #powershell
#.net #azure #powershell
Вопрос:
Ниже приведен код в моем пользовательском расширении скрипта
$AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12'
[System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols
Invoke-WebRequest -Uri https://aka.ms/downloadazcopy-v10-windows -OutFile $env:C:tempazcopy.zip
когда я запускаю свое пользовательское расширение скрипта, я получаю сообщение об ошибке ниже
"Invoke-WebRequest : The underlying connection was closed: An unexpected error
Любая помощь о том, как ее устранить?
Ответ №1:
Эта ошибка довольно специфична, что делает это потенциально проблемой среды на вашем хосте или в вашей корпоративной среде, поскольку опубликованный вами код должен / работает как есть.
# Tested on a few lab hosts
$AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12'
[System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols
Invoke-WebRequest -Uri https://aka.ms/downloadazcopy-v10-windows -OutFile $env:C:tempazcopy.zip -Verbose
Get-ChildItem C:temp
# Results
<#
VERBOSE: GET https://aka.ms/downloadazcopy-v10-windows with 0-byte payload
VERBOSE: received 9317519-byte response of content-type application/zip
Directory: C:temp
Mode LastWriteTime Length Name
---- ------------- ------ ----
-a---- 9/11/2020 8:45 PM 9317519 azcopy.zip
#>
Тем не менее, вам действительно нужно это только в верхней части вашего кода.
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Вы можете получить больше информации об ошибке, запустив код, допустив возникновение ошибки, а затем используя
$Error[0] | Format-List -Force
Вы также можете узнать больше, используя командлет Trace-Command.
Trace-Command -Name metadata,parameterbinding,cmdlet -Expression {
Invoke-WebRequest -Uri https://aka.ms/downloadazcopy-v10-windows -OutFile $env:C:tempazcopy.zip
} -PSHost
# Results
<#
DEBUG: ParameterBinding Information: 0 : BIND NAMED cmd line args [Invoke-WebRequest]
DEBUG: ParameterBinding Information: 0 : BIND arg [https://aka.ms/downloadazcopy-v10-windows] to parameter [Uri]
DEBUG: ParameterBinding Information: 0 : COERCE arg to [System.Uri]
DEBUG: ParameterBinding Information: 0 : Trying to convert argument value from System.String to System.Uri
DEBUG: ParameterBinding Information: 0 : CONVERT arg type to param type using LanguagePrimitives.ConvertTo
DEBUG: ParameterBinding Information: 0 : CONVERT SUCCESSFUL using LanguagePrimitives.ConvertTo: [https://aka.ms/downloadazcopy-v10-windows]
DEBUG: ParameterBinding Information: 0 : Executing VALIDATION metadata: [System.Management.Automation.ValidateNotNullOrEmptyAttribute]
DEBUG: ParameterBinding Information: 0 : BIND arg [https://aka.ms/downloadazcopy-v10-windows] to param [Uri] SUCCESSFUL
DEBUG: ParameterBinding Information: 0 : BIND arg [tempazcopy.zip] to parameter [OutFile]
DEBUG: ParameterBinding Information: 0 : COERCE arg to [System.String]
DEBUG: ParameterBinding Information: 0 : Parameter and arg types the same, no coercion is needed.
DEBUG: ParameterBinding Information: 0 : BIND arg [tempazcopy.zip] to param [OutFile] SUCCESSFUL
DEBUG: ParameterBinding Information: 0 : BIND POSITIONAL cmd line args [Invoke-WebRequest]
DEBUG: ParameterBinding Information: 0 : MANDATORY PARAMETER CHECK on cmdlet [Invoke-WebRequest]
DEBUG: ParameterBinding Information: 0 : CALLING BeginProcessing
DEBUG: ParameterBinding Information: 0 : CALLING EndProcessing
#>
При попытке доступа к удаленным ресурсам лучше всего проверить работоспособность / соединение, прежде чем предпринимать действия. Обычно это тестовое соединение / Test-NetConection, но в вашем случае один из командлетов Invoke-* был бы более разумным.
Invoke-WebRequest -Uri ‘https://aka.ms/downloadazcopy-v10-windows ‘ -UseBasicParsing
# Results
<#
StatusCode : 200
StatusDescription : OK
Content : {80, 75, 3, 4...}
RawContent : HTTP/1.1 200 OK
Content-MD5: HjZjoPa87mg1bK4eVQqASQ==
x-ms-request-id: aa4341fb-e01e-00a6-0c94-810077000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Connect...
Headers : {[Content-MD5, HjZjoPa87mg1bK4eVQqASQ==], [x-ms-request-id, aa4341fb-e01e-00a6-0c94-810077000000], [x-ms-version, 2009-09-19],
[x-ms-lease-status, unlocked]...}
RawContentLength : 9317519
#>
Смотрите также эту статью.
Комментарии:
1. Итак, в основном вы говорите, чтобы запустить Invoke-WebRequest, добавив -UseBasicParsing ? Что-то вроде приведенного ниже в моем пользовательском расширении скрипта $AllProtocols = [System.Net.SecurityProtocolType]’Ssl3, Tls, Tls11, Tls12′ [System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols Invoke-WebRequest -Uri ‘ aka.ms/downloadazcopy-v10-windows ‘ -UseBasicParsing
2. Нет. Как вы можете видеть из моего протестированного кода вашего сообщения, это работает. Итак, опять же, что-то блокирует / удаляет вас с вашего хоста. Это связано только с возвращенными результатами. По умолчанию код сценария на веб-странице может запускаться при анализе страницы для заполнения свойства ParsedHtml. Используйте переключатель -UseBasicParsing, чтобы подавить это. . Это больше не требуется при использовании PowerShell Core, поскольку это используется по умолчанию.
3. Хм, хорошо, есть ли способ / обходной путь, который я могу сделать для достижения этого? Я не уверен, что это блокирует, но мне нужно, чтобы azcopy был скопирован на мой сервер с использованием пользовательского расширения скрипта. Любое предложение было бы полезно. К вашему сведению, я попробовал еще раз, обновив свой скрипт, как показано ниже [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls -bor [Net.SecurityProtocolType]::Tls11 -bor [Net.SecurityProtocolType]::Tls12 Invoke-WebRequest -Uri aka.ms/downloadazcopy-v10-windows -OutFile $env:C:tempazcopy.zip Я получил ту же ошибку, что и раньше
4. Вы не можете обойти сетевой блок / удаление. Вам нужно выяснить, почему вы заблокированы / удалены, и это разговор с вашей сетевой командой. Изменение сценария ничего не делает для устранения сетевого блокирования / удаления.