Raf*_*ara 9 powershell ssl ssl-certificate
我想使用PowerShell 从https://www.outlook.com下载SSL证书.可能吗?有人能帮助我吗?
Raf*_*ara 21
分享更多知识:-)
$webRequest = [Net.WebRequest]::Create("https://www.outlook.com")
try { $webRequest.GetResponse() } catch {}
$cert = $webRequest.ServicePoint.Certificate
$bytes = $cert.Export([Security.Cryptography.X509Certificates.X509ContentType]::Cert)
set-content -value $bytes -encoding byte -path "$pwd\Outlook.Com.cer"
我的同事Michael J. Lyons和我分享了这个.
Rob*_*und 11
您应该能够通过使用对象ServicePoint上的属性来获取公钥HttpWebRequest.一旦我们向相关网站发出http请求,就会填充这些必要的信息.
如果请求发送到具有不受信任证书的站点,则GetResponse方法将抛出异常,但是,ServicePoint仍然会包含该异常,Certificate因此我们要确保忽略WebException状态是否为信任失败.
所以类似下面这样的东西应该有效:
function Get-PublicKey
{
[OutputType([byte[]])]
PARAM (
[Uri]$Uri
)
if (-Not ($uri.Scheme -eq "https"))
{
Write-Error "You can only get keys for https addresses"
return
}
$request = [System.Net.HttpWebRequest]::Create($uri)
try
{
#Make the request but ignore (dispose it) the response, since we only care about the service point
$request.GetResponse().Dispose()
}
catch [System.Net.WebException]
{
if ($_.Exception.Status -eq [System.Net.WebExceptionStatus]::TrustFailure)
{
#We ignore trust failures, since we only want the certificate, and the service point is still populated at this point
}
else
{
#Let other exceptions bubble up, or write-error the exception and return from this method
throw
}
}
#The ServicePoint object should now contain the Certificate for the site.
$servicePoint = $request.ServicePoint
$key = $servicePoint.Certificate.GetPublicKey()
Write-Output $key
}
Get-PublicKey -Uri "https://www.bing.com"
Get-PublicKey -Uri "https://www.facebook.com"
如果要多次调用该方法,而某些方法可能具有相同的地址,则可能需要使用该ServicePointManager.FindServicePoint(System.Uri)方法来改进该函数,因为如果已经对该站点发出请求,它将返回缓存版本.因此,您可以检查服务点是否已填充信息.如果没有,请发出Web请求.如果有,只需使用已有的信息,为自己保存一个http请求.