使用来自certstore的客户端证书的PowerShell HTTPS GET

Question

我正在尝试找到使用客户端证书通过HTTPS检查Web内容的简便方法。我有VBScript，其中定义了客户端证书，跳过了服务器证书并定义了我要搜索的内容（字符串“ running”）。我的意思是将脚本重写为PowerShell。

这是VBScode：

device = "10.10.10.10"
link = "5001/test"
Set Http = CreateObject("WinHttp.WinHttpRequest.5.1")
Http.SetClientCertificate "LOCAL_MACHINE\MY\test"
Http.Option(4) = 256 + 512 + 4096 + 8192 
Http.Open "GET", "https://" & device & ":" & link, false
Http.Send
output = Http.ResponseText
If InStr(1,output,"running") Then
wscript.echo "OK"
Else
wscript.echo "Error"
End If
Set Http = Nothing

这是获取HTTP Web内容（而不是https）的Powershell语法：

$page = (New-Object System.Net.WebClient).DownloadString("http://10.10.10.10:5001/test")
"$page"

这是使用.CRT文件获取HTTPS竞争的Powershell语法（但不是来自CERTSTORE）

[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
$cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::CreateFromCertFile("C:\Cert\test.crt")
$url = "https://10.10.10.10:5001/test"
$web = [System.Net.WebRequest]::Create($url)
$web.ClientCertificates.Add($Cert)

这是我最新获得网络竞争的尝试。没有成功

#ignore untrusted certificate
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
#load my client certificate defined by thumbprint
$cert = Get-Childitem cert:\LocalMachine\My\5AA55B7B8D99
#get web contetn
$web = [System.Net.WebRequest]::Create($url)
#use my client certificate
$web.ClientCertificates.Add($Cert)

有任何想法吗 ？最好的祝福

Answer 1

这为我工作：

Invoke-RestMethod https://10.10.10.10:5001/test -CertificateThumbprint XXXXXXXXXXXXXXXX