ferventcoder
commented
4 years ago What kind of certificate? Self-signed? You would need that in the correct store on the client machine for things to work. If it is a purchased certificate, you just got to make sure the intermediaries are installed on the client. Unfortunately there is a slight chicken and egg as you can't use Chocolatey to do all of that upgrading on the client.
gep13
Getting below error after enabling the SSL. I tried below code but no luck. Choco server deployed on Windows 2016.
`$erroractionpreference = "Stop" $securityProtocolSettingsOriginal = [System.Net.ServicePointManager]::SecurityProtocol
try {
This should work in .NET 4 where .NET 4.5 is installed as an inplace upgrade
Set TLS1.2 (3072) then TLS1.1 (768), then TLS 1.0 (192), finally SSL3 (48)
$securityProtocolSettings = 3072 -bor 768 -bor 192 -bor 48 [System.Net.ServicePointManager]::SecurityProtocol = $securityProtocolSettings } catch { Write-Warning "Unable to set PowerShell to use TLS 1.2 and TLS 1.1 due to old .NET Framework installed. Please upgrade to at least .NET Framework 4.5 and PowerShell v3 for this to work appropriately." }
iex ((New-Object System.Net.WebClient).DownloadString('https://contoro.com/install.ps1'))
[System.Net.ServicePointManager]::SecurityProtocol = $securityProtocolSettingsOriginal`
Error iex : Exception calling "DownloadString" with "1" argument(s): "The underlying connection was closed: An unexpected error occurred on a send."
Certificate details given below. EKU : Client Authentication (1.3.6.1.5.5.7.3.2) | Server Authentication (1.3.6.1.5.5.7.3.1) Key Useage : Digital Signature, Key Encipherment (a0)