Working with some older Cisco ASA devices, I’m trying to access the ASDM interface. The browser isn’t giving me luck, so I turned to PowerShell to help me, but I get the following error when trying an Invoke-WebRequest
to grab the asdm.jnlp file I need.
The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
Eh, ok. My first thought was to somehow avoid a certificate check but I did not see a native way of doing this with Invoke-WebRequest
(at least from an old Server 2008 box with PowerShell v4.0).
StackOverflow to the rescue. Here’s the solution that worked for me.
if (-not("dummy" -as [type])) { add-type -TypeDefinition @" using System; using System.Net; using System.Net.Security; using System.Security.Cryptography.X509Certificates; public static class Dummy { public static bool ReturnTrue(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { return true; } public static RemoteCertificateValidationCallback GetDelegate() { return new RemoteCertificateValidationCallback(Dummy.ReturnTrue); } } "@ } [System.Net.ServicePointManager]::ServerCertificateValidationCallback = [dummy]::GetDelegate()
Now I can add on my Invoke-WebRequest
and everything works.