search

LockstepGroup / prtgshell

PowerShell module for PRTG
MIT License
18 stars 10 forks source link

Get-PrtgServer needs proper error handling #5

Open sandersjds opened 10 years ago

sandersjds commented 10 years ago

Should return something useful if the connection doesn't succeed, rather than a generic powershell error message.

chreestopher commented 9 years ago

Could you please take a look at adding the ability to ignore bad ssl certs?

this function tends to work for me ...

function Ignore-SSLCertificates { $Provider = New-Object Microsoft.CSharp.CSharpCodeProvider $Compiler = $Provider.CreateCompiler() $Params = New-Object System.CodeDom.Compiler.CompilerParameters $Params.GenerateExecutable = $false $Params.GenerateInMemory = $true $Params.IncludeDebugInformation = $false $Params.ReferencedAssemblies.Add("System.DLL") > $null $TASource=@' namespace Local.ToolkitExtensions.Net.CertificatePolicy { public class TrustAll : System.Net.ICertificatePolicy { public bool CheckValidationResult(System.Net.ServicePoint sp,System.Security.Cryptography.X509Certificates.X509Certificate cert, System.Net.WebRequest req, int problem) { return true; } } } '@ $TAResults=$Provider.CompileAssemblyFromSource($Params,$TASource) $TAAssembly=$TAResults.CompiledAssembly

We create an instance of TrustAll and attach it to the ServicePointManager

$TrustAll = $TAAssembly.CreateInstance("Local.ToolkitExtensions.Net.CertificatePolicy.TrustAll")
[System.Net.ServicePointManager]::CertificatePolicy = $TrustAll

} Ignore-SSLCertificates

could you please try to integrate this into the module? (the place I work uses prtg with a self signed ssl cert, and I can not get your module to work for me due to ssl issues.

sandersjds commented 9 years ago

Can look at possibly integrating this code, but we already have some handlers in place to allow self-signed certs.

What version of PRTG are you running? Is it the one after they added all the new SSL security (14.4.12, I think)?

The latest version of PRTG introduces some new security settings that I believe move the default encryption beyond the capabilities of powershell's webclient. You can test this by switching the new stuff off in PRTG (Setup -> System Administration -> User Interface -> SSL Security -> "Weakened Security").

chreestopher commented 9 years ago

version is PRTG Network Monitor 14.4.12.3410 x64 .... I can however connect via "Invoke-WebRequest -Method get -Uri "$apiendpoint/table.xml?content=sensors$authenticationstring" .... but only after setting the session to ignore ssl via the function I posted, ive tried to edit your module to include the function, but I cant seem to get it to work right, anyways, if you could get it to work your module would be super helpful for some things I am working on.