Hello,
I am attempting to setup a powershell script to quickly collect the status of the Identity Managers and Connectors. The command I am using for the Managers is giving me good data, however the same command for the Connectors is returning "The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel."
Browsing to the web urls in Chrome work fine aside from letting me know the page is insecure, which I expect.
Identity Manager code that works: "Invoke-WebRequest -Uri http://servername.domain/SAAS/API/1.0/REST/system/health"
Identity Connector code that doesn't work "Invoke-WebRequest -Uri http://servername.domain/hc/API/1.0/REST/system/health"
Any ideas out there?
Thanks.
Turns out this is due to the fact that the nodes don't have certificates. So this is the powershell code that gets around this:
add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}
}
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
I use Invoke-RestMethod with both of these URI strings and it works great. Give that a shot.
There is some other information available for the connectors themselves that I've been working on getting, but it involves creating a secure token to login with PowerShell. Login to your portal, and then go here: https://FQDN.domain.com/SAAS/API/1.0/REST/system/health/instanceHealth?hostName=SERVERNAME.domain.co...
I'm seeing the same error if I run Invoke-RestMethod.
Thanks for the heads up, though.
Turns out this is due to the fact that the nodes don't have certificates. So this is the powershell code that gets around this:
add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}
}
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy