Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Allows you to pull down a remote systems SSL certificate regardless of whether it's trusted or not. This was made for Powershell Core, so should work on any platform than runs PS Core. No ServicePoint required. Specifically created to pull down and convert a vCenter's SSL Cert and convert to SHA256 thumbprint for registration to NSX-T.
Function Get-SSLCert{
Gets SSL certificate of remote system.
Gets SSL certificate of remote system in order to get it's thumbprint.
Returns the certificate as object.
Get-SSLCert -SHA256Thumbprint
This will simply output the certificates thumbprint as SHA256 format replacing "-" with ":".
Made to enable capturing a vCenter certificate's thumbprint in SHA256 format to register in NSX-T as a compute manager.
.PARAMETER SHA256Thumbprint
Captures certificate and outputs SHA256 formatted thumbprint. Defaults to false.
Required string value can be DNS or IP Address.
Define the port to connect to. 443 is default, can be modified to match endpoints actual port for SSL communications.
Authored by: K. Chris Nakagaki
param (
$Port = 443
$Certificate = $null
$TcpClient = New-Object -TypeName System.Net.Sockets.TcpClient
try {
$TcpClient.Connect($URI, $Port)
$TcpStream = $TcpClient.GetStream()
$Callback = { param($sender, $cert, $chain, $errors) return $true }
$SslStream = New-Object -TypeName System.Net.Security.SslStream -ArgumentList @($TcpStream, $true, $Callback)
try {
$Certificate = $SslStream.RemoteCertificate
} finally {
} finally {
if ($Certificate) {
if ($Certificate -isnot [System.Security.Cryptography.X509Certificates.X509Certificate2]) {
$Certificate = New-Object -TypeName System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $Certificate
$SHA256 = [Security.Cryptography.SHA256]::Create()
$Bytes = $Certificate.GetRawCertData()
$HASH = $SHA256.ComputeHash($Bytes)
$thumbprint = [BitConverter]::ToString($HASH).Replace('-',':')
Switch ($SHA256Thumbprint)
Write-Output $Certificate
Write-Output $thumbprint
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.