Getting Certificate Thumbprint from the URL

    Question

  • Hi ALL,

    I am using the script below to get information about the certificate presented by the URL https://ssdb.4ss.de, which only accepts connections over TLS.

    $url = "https://ssdb.4ss.de"
    [system.Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::tls12
    [System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }
    $servicePoint = [System.Net.ServicePointManager]::FindServicePoint($url)
    $thumbprint = $servicePoint.Certificate.GetCertHashString()

    I am able to connect and I get the value below in the $servicePoint variable.

    BindIPEndPointDelegate :
    ConnectionLeaseTimeout : -1
    Address                : https://ssdb.4ss.de/
    MaxIdleTime            : 100000
    UseNagleAlgorithm      : True
    ReceiveBufferSize      : -1
    Expect100Continue      : True
    IdleSince              : 05-Nov-18 6:53:54 PM
    ProtocolVersion        : 1.1
    ConnectionName         : https
    ConnectionLimit        : 2
    CurrentConnections     : 0
    Certificate            :
    ClientCertificate      :
    SupportsPipelining     : True

    But there is no information in the Certificate property. Can someone help?

    I am looking to get the thumbprint of the certificate. You can access the URL as well.


    • Edited by asharma5 Monday, November 5, 2018 1:35 PM
    Monday, November 5, 2018 1:35 PM

Answers

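  • I was able to perform this task using the script below.

    # $url as defined in the question
    $url = "https://ssdb.4ss.de"
    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
    $webRequest = [Net.WebRequest]::Create($url)
    # GetResponse() performs the TLS handshake; any error it raises is ignored
    try { $webRequest.GetResponse() } catch {}
    # ServicePoint.Certificate holds the certificate presented during the handshake
    $cert = $webRequest.ServicePoint.Certificate
    $thumbprint = $webRequest.ServicePoint.Certificate.GetCertHashString()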

    • Marked as answer by asharma5 Friday, November 9, 2018 6:10 PM
    Friday, November 9, 2018 6:10 PM
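
A variant of the accepted answer, as an added example that is not part of the original thread: it reads the certificate over a single SslStream connection, so validation is bypassed for that one handshake only rather than process-wide through ServicePointManager, and it reports separately whether the chain is trusted. The function name Get-RemoteCertificate and the expected-thumbprint placeholder are assumptions, and Windows PowerShell 5.1 is assumed.

```powershell
# Added example, not code from the thread. Assumes Windows PowerShell 5.1.
# Get-RemoteCertificate is a hypothetical helper name.
function Get-RemoteCertificate {
    param(
        [Parameter(Mandatory)][string]$HostName,
        [int]$Port = 443
    )
    # Accept whatever certificate is presented, for this one SslStream only.
    # The process-wide ServicePointManager callback is never touched.
    $acceptAny = [System.Net.Security.RemoteCertificateValidationCallback]{ $true }
    $tcp = [System.Net.Sockets.TcpClient]::new()
    $ssl = $null
    try {
        $tcp.Connect($HostName, $Port)
        $ssl = [System.Net.Security.SslStream]::new($tcp.GetStream(), $false, $acceptAny)
        $ssl.AuthenticateAsClient($HostName, $null,
            [System.Security.Authentication.SslProtocols]::Tls12, $false)
        $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($ssl.RemoteCertificate)

        # Evaluate trust separately, so an untrusted certificate is reported, not hidden.
        $chain = [System.Security.Cryptography.X509Certificates.X509Chain]::new()
        $chain.ChainPolicy.RevocationMode = 'NoCheck'
        $trusted = $chain.Build($cert)

        $sha256 = [System.Security.Cryptography.SHA256]::Create()
        try { $hash = $sha256.ComputeHash($cert.RawData) } finally { $sha256.Dispose() }

        [pscustomobject]@{
            Subject      = $cert.Subject
            NotAfter     = $cert.NotAfter
            Sha1         = $cert.Thumbprint          # same value as GetCertHashString()
            Sha256       = [BitConverter]::ToString($hash) -replace '-', ''
            ChainTrusted = $trusted
            ChainStatus  = @($chain.ChainStatus | ForEach-Object { $_.Status })
        }
    }
    finally {
        if ($ssl) { $ssl.Dispose() }
        $tcp.Close()
    }
}

# Compare against a thumbprint obtained out of band (placeholder value).
$expectedSha256 = '<EXPECTED-SHA256-THUMBPRINT>'
$info = Get-RemoteCertificate -HostName 'ssdb.4ss.de'
if ($info.Sha256 -ne $expectedSha256) {
    Write-Warning "Thumbprint mismatch for $($info.Subject): $($info.Sha256)"
}
```

For a self-signed certificate, ChainTrusted is False and ChainStatus names the reason, while both thumbprints are still returned.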

All replies

  • The URL is inaccessible, has a bogus certificate and cannot be opened. That prevents the cert from being accessed.


    \_(ツ)_/

    Monday, November 5, 2018 10:13 PM
  • The URL is accessible, but it has a self-signed certificate, which shows a warning.
    Tuesday, November 6, 2018 2:16 AM
  • We can't access sites that are using self-signed certs. A cert must have a valid chain of authentication. A self-signed cert only works local to the cert. It only works for the user that signed it.


    \_(ツ)_/

    Tuesday, November 6, 2018 2:38 AM