[System.Net.ServicePointManager]::CheckCertificateRevocationList not working when using Invoke-Command or New-PSSession

2013-08-06 by Leave a Comment

When you use a Invoke-Command or New-PSSession Cmdlet you might run into an error stating that the Certificate recovation list could not be checked. When you set the corresponding property

[System.Net.ServicePointManager]::CheckCertificateRevocationList = $false;

– you still get the same error message.

This is because the aforementioned Cmdlets do not honour this setting (whereas they honour

[System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true; };

to bypass all certificate validation). Instead they implement their own mechanism that you can set via PSSessionOption:

$sOpt = New-PSSessionOption -SkipRevocationCheck -SkipCACheck;

You then pass on this variable to the respective Cmdlet via the -SessionOption parameter.

Filed Under: PowerShell Tagged With:
«
»

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: