Private/Invoke-WebCertificateRequest.ps1
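Function Invoke-WebCertificateRequest {
    <#
    .SYNOPSIS
        Fetches the certificate a TLS/SSL endpoint presents, without validating it.

    .DESCRIPTION
        Opens a TCP connection to FQDN:Port, performs a client handshake restricted to
        the requested protocol version, and writes the server certificate to the
        pipeline as an X509Certificate2. Nothing is written when the handshake
        yields no certificate.

        SECURITY: the validation callback below accepts every certificate (expired,
        self-signed, wrong name, untrusted chain) so that any certificate can be
        retrieved for inspection. The returned object is therefore unverified: it
        says what the endpoint presented, not that the endpoint is who it claims
        to be. The stream is never used to carry data, and this callback must not
        be copied into code that does.

        Connection and handshake failures are not caught here; they propagate to
        the caller after the stream and socket have been disposed.

    .PARAMETER FQDN
        Host name to connect to; also passed as the target host of the handshake.

    .PARAMETER Port
        TCP port to connect to. Defaults to 443.

    .PARAMETER Algorithm
        Protocol version to offer. The legacy values (Tls11, Tls, Ssl3, Ssl2) are
        kept for probing what an endpoint still accepts; whether the local
        platform can still negotiate them is not determined by this function.

    .OUTPUTS
        System.Security.Cryptography.X509Certificates.X509Certificate2
    #>
    [CmdletBinding()]
    param (
        [Parameter(Mandatory=$true)]
        [string]$FQDN,

        # Not mandatory: a mandatory parameter never falls back to its default,
        # so the original "Mandatory + = 443" combination made 443 unreachable.
        [Parameter()]
        [int]$Port = 443,

        [Parameter(Mandatory=$true)]
        [ValidateSet("Tls12","Tls11","Tls","Ssl3","Ssl2")]
        [string]$Algorithm
    )

    $Certificate = $null
    $TcpClient = New-Object -TypeName System.Net.Sockets.TcpClient

    try {
        $TcpClient.Connect($FQDN, $Port)
        $TcpStream = $TcpClient.GetStream()

        # Deliberately trust-all: the goal is to read the certificate, not to
        # authenticate the peer. See the SECURITY note in the help above.
        $Callback = { param($origin, $cert, $chain, $errors) return $true }

        $SslStream = New-Object -TypeName System.Net.Security.SslStream -ArgumentList @($TcpStream, $true, $Callback)

        try {
            # The final $true requests revocation checking; its outcome is not
            # acted on, because the callback accepts the certificate regardless.
            $SslStream.AuthenticateAsClient($FQDN, $null, $Algorithm, $true)

            $Remote = $SslStream.RemoteCertificate
            if ($Remote) {
                # Copy while the stream is still open so the returned object
                # does not depend on the lifetime of the disposed stream.
                $Certificate = New-Object -TypeName System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $Remote
            }
        }
        finally {
            $SslStream.Dispose()
        }
    }
    finally {
        $TcpClient.Dispose()
    }

    if ($Certificate) {
        Write-Output $Certificate
    }
}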