Last active
January 31, 2023 20:38
-
-
Save michaellwest/71bcd53ab6291a2130b9d3648a2c9ad8 to your computer and use it in GitHub Desktop.
Issues related to a LetsEncrypt certificate unable to validate against the Certificate Revocation List (CRL).
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Exception: System.Security.Authentication.AuthenticationException | |
| Message: The remote certificate is invalid according to the validation procedure. | |
| Source: System | |
| at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception) | |
| at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) | |
| at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) | |
| at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) | |
| at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) | |
| at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) | |
| at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) | |
| at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) | |
| at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) | |
| at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) | |
| at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) | |
| at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) | |
| at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) | |
| at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) | |
| at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest, Boolean renegotiation) | |
| at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) | |
| at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) | |
| at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) | |
| at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) | |
| at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result) | |
| at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size) | |
| at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size) | |
| at System.Net.ConnectStream.WriteHeaders(Boolean async) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $webRequest = [Net.WebRequest]::Create("https://www.company.com") | |
| try { $webRequest.GetResponse() } catch {} | |
| $cert = $webRequest.ServicePoint.Certificate | |
| $bytes = $cert.Export([Security.Cryptography.X509Certificates.X509ContentType]::Cert) | |
| set-content -value $bytes -encoding byte -path "$pwd\company.cer" | |
| certutil.exe -verify -urlfetch "$pwd\company.cer" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment