Created
October 15, 2017 22:48
-
-
Save lamw/8fedd19e27ff9276169e1bdd5404ca8c to your computer and use it in GitHub Desktop.
Powershell snippet to help extract the SSL Thumbprint (SHA256) of a remote system
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Modification from https://gist.github.com/lamw/988e4599c0f88d9fc25c9f2af8b72c92 | |
| # Thanks to https://stackoverflow.com/a/22251597 for SHA256 details | |
| Function Get-SSLThumbprint256 { | |
| param( | |
| [Parameter( | |
| Position=0, | |
| Mandatory=$true, | |
| ValueFromPipeline=$true, | |
| ValueFromPipelineByPropertyName=$true) | |
| ] | |
| [Alias('FullName')] | |
| [String]$URL | |
| ) | |
| add-type @" | |
| using System.Net; | |
| using System.Security.Cryptography.X509Certificates; | |
| public class IDontCarePolicy : ICertificatePolicy { | |
| public IDontCarePolicy() {} | |
| public bool CheckValidationResult( | |
| ServicePoint sPoint, X509Certificate cert, | |
| WebRequest wRequest, int certProb) { | |
| return true; | |
| } | |
| } | |
| "@ | |
| [System.Net.ServicePointManager]::CertificatePolicy = new-object IDontCarePolicy | |
| # Need to connect using simple GET operation for this to work | |
| Invoke-RestMethod -Uri $URL -Method Get | Out-Null | |
| $ENDPOINT_REQUEST = [System.Net.Webrequest]::Create("$URL") | |
| $CERT = $ENDPOINT_REQUEST.ServicePoint.Certificate | |
| $BYTES = $cert.Export([Security.Cryptography.X509Certificates.X509ContentType]::Cert) | |
| Set-content -value $BYTES -encoding byte -path $ENV:TMP\cert-temp | |
| $SSL_THUMBPRINT = (Get-FileHash -Path $ENV:TMP\cert-temp -Algorithm SHA256).Hash | |
| return $SSL_THUMBPRINT -replace '(..(?!$))','$1:' | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment