I am using soapui to hit a webservice it's working but im trying to create an implementation with PowerShell, the probleme is im using Invoke-RestMethod to send my request with -certificate and I call my certificat in this way :
$Certificat = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
$Certificat.Import($Dir,$password,"DefaultKeySet");
$status = Invoke-RestMethod -Method 'Post' -Uri $url -Body $body -Certificate $Certificat
the server return 403 error that mean he didnt receive the certificat. my question is there is another method to implement the sending of soap ui call with certificat that require a password.
Looking at your code again, (I guess I should have scrolled all the way right), you are not specifying a cert.
This...
$Certificate = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
... try it this way.
$Certificate = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("C:\mycert.cer")
Related
I'm a PowerShell novice and I inherited some code that's forced me to use Powershell7 over 5.1 on my Windows Server 2012 and now I can't get my credentials to authenticate across the organisation's proxy. I'm thinking there's something in the Powershell7 environment that's not installed/no longer supported/not configured correctly. The code below works in 5.1 but in 7, I get a message back from our proxy saying it's missing credentials. Can anyone shed light on what to do?
#*************************************************************************
# Proxy Credentials
#*************************************************************************
[system.net.webrequest]::defaultwebproxy = new-object system.net.webproxy('http://proxy.############')
$username ="###################"
$password ="###################"
$securePwd = $password| convertto-securestring -AsPlainText -Force
$Creds=new-object System.Management.Automation.PSCredential ($username,$securePwd)
$Wcl=New-Object System.Net.WebClient
$Wcl.Proxy.Credentials=$Creds
#*************************************************************************
# Authentication Call
#*************************************************************************
$uri = 'https://testapi.com/web/authenticate'
$params = '{"userName": "######",
"password": "########"
}'
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$token =Invoke-Webrequest -Method Post -Uri $uri -body $params -ContentType "application/json" -UseBasicParsing |ConvertFrom-Json | Select AuthenticateResult
write-host $token
#*************************************************************************
This was something specific to the service account I was using to log in to the server. Changed the account and it worked on both versions. No idea what the difference was but I got what I needed.
I'm having an internal .NET web service which I try to access from the public network.
If using a browser, a user may enter login and passwd in a form on the Citrix NetScaler custom page and after the form is submitted, the browsing continues and the web service endpoint is working with no issues.
I don't know anything about Citrix NetScaler, but by checking the network calls in the browser's dev tools, I was able to get to the web service by using PowerShell and the a Microsoft.PowerShell.Commands.WebRequestSession object:
$session = New-Object Microsoft.PowerShell.Commands.WebRequestSession
$cookie = New-Object System.Net.Cookie
$cookie.Name = "NSC_TASS"
$cookie.Value = "https://REST_SERVICE_DOMAIN/api/"
$cookie.Domain = "CITRIX_NETSCALER_DOMAIN.com"
$session.Cookies.Add($cookie);
$response = Invoke-WebRequest -Uri "https://CITRIX_NETSCALER_DOMAIN/cgi/login" `
-Method "POST" `
-Headers #{"Content-Type"="application/x-www-form-urlencoded"} `
-Body "login=URL_ENCODED_EMAIL&passwd=URLENCODED_PASSWORD" `
-WebSession $session
Is there a way to login by not using PowerShell's Microsoft.PowerShell.Commands.WebRequestSession object? Do I use the right endpoint?
EDIT: I'm looking for a solution which doesn't involve PowerShell, but it only relies on HTTP headers and cookies
I think you may be able to do -SessionVariable with Invoke-WebRequest, and then append the cookies a similar way.
Invoke-WebRequest https://CITRIX_NETSCALER_DOMAIN/cgi/login -SessionVariable session
...
$session.Cookies.Add($cookie);
The following PowerShell invoke-webrequest works for me when the Windows Service I'm running it from has permission to call the webservice. However, this isn't always the case.
I need to the ability to use Windows Authentication but also set the account username\password for the call. Does anyone have some sample code for doing this?
Invoke-WebRequest -UseBasicParsing "url" -UseDefaultCredentials -Method GET
You may set the UseDefaultCredentials property of Invoke-WebRequest module to true. Link to the official doc: https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/invoke-webrequest?view=powershell-6
$url = "http://yourURL"
$wc = New-Object System.Net.WebClient
$wc.UseDefaultCredentials = $true
$response = $wc.DownloadString($url)
I would like to call a remote Rest web service from a Windows server hosting the remote certificate.
I've exported the certificate from the remote server and added it to the Windwos store. (/Personal/myCert)
I would like to use it on a Invoke-RestMethod PowerShell command.
Here bellow is the code I've tried
# Variables
$Remote_Uri = "https://remote.example.com/service/search"
$Remote_CertificateName = "myCert"
$Remote_ApiKey = "oisdjfSOEDJFKQDfSDKFjsQDKFJ"
$Remote_ContentType = "application/json"
$LocalArtifactPath = "C:\RemoteObjects.json"
# Get Certificate
$Remote_CertificateThumbprint = (Get-ChildItem -Path Cert:\LocalMachine\My | Where-Object {$_.Subject -match $Remote_CertificateName}).Thumbprint;
$Certificate = Get-ChildItem -Path Cert:\LocalMachine\My\$Remote_CertificateThumbprint
# Basic Encoding
$encoding = [System.Text.Encoding]::ASCII.GetBytes($Certificate)
$encodedString = [System.Convert]::ToBase64String($encoding)
$BasicAuth = "Basic " + $encodedString
# Set Headers
$Headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$Headers.Add("Authorization", $BasicAuth)
$Headers.Add("api", $Remote_ApiKey)
$Headers.Add("Content-Type", $Remote_ContentType)
# Self-signed certificate
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }
# Call Rest Service
Invoke-RestMethod -Method Get -Uri $Remote_Uri -OutFile $LocalArtifactPath -Headers $Headers
Invoke-RestMethod -Method Get -Uri $Remote_Uri -OutFile $LocalArtifactPath -Certificate $Certificate
Invoke-RestMethod -Method Get -Uri $Remote_Uri -OutFile $LocalArtifactPath -CertificateThumbprint $Remote_CertificateThumbprint
# Self-signed certificate off
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = $null
The three lines with Invoke-RestMethod commands failed with respectively :
Wrong header (this was expected but I gave it a try)
Authorization is empty or scheme is not basic
Certificate thumbprint not found
I've got the rest call working with #{"AUTHORIZATION"="Basic Base64Encode(user:pass)"} so I can tell the service is answering but I would like not to use user:pass in my script.
I would like to use the Certificate I've added to the Windows Store.
I'm wondering about two things :
Is the "Basic" authorization scheme is the good one to use with a certificate ?
In powershell, how to use a certificate from the local windows store running Invoke-RestMethod command ?
Thank you for your help
Adding this [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 in my script fixed the "The underlying connection was closed" issue.
Before this crosscheck whether IIS is enabled in your system.
I'm trying to write a PowerShell script to have a one click solution to uploading and building my mobile application. I have successfully done this using cURL but was trying to use native PowerShell commands instead. In cURL I can use the -F (--form) parameter and pass the zip file (e.g. -F file=#C:...\www.zip). I cannot figure out how to achieve this same thing using PowerShell. I am trying to use Invoke-RestMethod but not sure if this is correct. Here's a link to the PhoneGap API:
https://build.phonegap.com/docs/write_api
Any help would much appreciated!
Invoke-RestMethod -Uri https://build.phonegap.com/api/v1/apps/:id -Headers #{Authorization='Basic username-and-password-in-base64'} -Method Put -InFile "www.zip"
username-and-password-in-base64 is your Adobe/PhoneGap Build username and password combined into a string "username:password" and encoded using Base64 (http://www.base64decode.org/).
:id in the url is your app id in phonegap build.
Try something like this:
$pathToZip = "bin/phonegap.zip"
$user = "user"
$pass = "password"
## convert to secure password since we can't use get-credential in non interactive mode
$securepass = ConvertTo-SecureString $pass -AsPlainText -Force
## create a PSCredential object
$credential = New-Object System.Management.Automation.PSCredential($user, $securepass)
$appId = "12345"
$url = "https://build.phonegap.com/api/v1/apps/" + $appId;
Write-Host $url
Invoke-RestMethod -Uri $url -Credential $credential -Method Put -InFile $pathToZip