Скачать файл из Интернет

Method 1a, by default synchronous**

Invoke-WebRequest $url -OutFile $path_to_file

Если возникнет ошибка "…Could not create SSL/TLS secure channel." То вести комманду 

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}

Или один раз выполнить и больше ошибки не будет 

Set-ItemProperty -Path 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NetFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Value '1' -Type DWord
Set-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\.NetFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Value '1' -Type DWord

Method 1b (for JSON/XML data), by default synchronous**

Invoke-RestMethod $url -OutFile $path_to_file

This method is a wrapper around Invoke-WebRequest, but provides some additional formatting of JSON results. (See documentation here and here.)

Method 2, by default synchronous**

  (New-Object System.Net.WebClient).DownloadFile($url, $path_to_file)

Method 3, asynchronous and may be much slower than the other two but is very gentle on bandwidth usage (it uses the BITS service).

  Import-Module BitsTransfer
  Start-BitsTransfer -Source $url -Destination $path_to_file

Скачать сертификат с сервера в Интернет

$webRequest = [Net.WebRequest]::Create("https://www.myserver.ru/")
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls11
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
$webRequest.Proxy = $null
$webRequest.GetResponse() 
$cert = $webRequest.ServicePoint.Certificate
$bytes = $cert.Export([Security.Cryptography.X509Certificates.X509ContentType]::Cert)
set-content -value $bytes -encoding byte -path "$pwd\mycert.cer"

Ошибка Invoke-RestMethod : The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.

При использовании Invoke-RestMethod или Invoke-WebRequest с https на URL сервера, где установлен самоподписанный сертификат, возникали ошибки:

  • The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
  • The underlying connection was closed: An unexpected error occurred on a send.

Получилась аж вот такая конструкция, но я нашёл свойство, отключающее проверку сертификата (выделил ): 

  1. $URi = "https://<URL>"
  2. $request = [System.Net.WebRequest]::Create($URi)
  3. $data = (New-Object PSObject |
  4.     Add-Member -PassThru NoteProperty user "<USER>" |
  5.     Add-Member -PassThru NoteProperty password "<PASSWORD>"
  6. ) | ConvertTo-JSON
  7. $request.KeepAlive = $false
  8. $request.Headers.Add($HeadersCollection)
  9. $request.ContentType = "application/json"
  10. $request.Accept = "application/json"
  11. $request.Method = "POST"
  12. $request.ServerCertificateValidationCallback = {$true} 
  13. $bytes = [System.Text.Encoding]::ASCII.GetBytes($data)
  14. $request.ContentLength = $bytes.Length
  15. $requestStream = [System.IO.Stream]$request.GetRequestStream()
  16. $requestStream.write($bytes, 0, $bytes.Length)
  17. $requestStream.Close()
  18. $response = $request.GetResponse()
  19. $response.GetResponseStream()

И так как свойство было найдено, то решил попробовать пойти по классике, и получилось это: 

  1. [System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$false}   
  2. $data = @{"user" = "<USER>";"password" = "<PASSWORD>"} | ConvertTo-JSON
  3. $URi = "https://<URL>"
  4. Invoke-RestMethod -Method Post -Uri $URi -Body $data -ContentType "application/json"