2 Replies Latest reply on Feb 17, 2017 11:15 AM by gregor

    PI WebAPI with https and Powershell

    mpalladi_cvx

      On a (non https) server, the following works i.e the same as what's in IE. The client machine is on the same AD domain.

           Invoke-RestMethod -Uri "http://wserver/piwebapi/attributes?path=\\AF\oaxk_analytics_temp\1FC990124%7CTrend" -UseDefaultCredentials

      but when I run the same over the https it returns

           Invoke-RestMethod : The remote server returned an error: (401) Unauthorized.

       

      With some google help  I have tried ignoring certificates,

           [System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}

      This time the error is

            Invoke-RestMethod : The underlying connection was closed: An unexpected error occurred on a send.

        • Re: PI WebAPI with https and Powershell
          messingerj

          Hi Mark,

           

          The issue here is to do with the use of self signed certificates for the PI Web API. You can work around this in PowerShell my creating a certificate policy that will effectively ignore invalid certificates (such as self signed certs):

           

          add-type @"

                  using System.Net;

                  using System.Security.Cryptography.X509Certificates;

           

                      public class SelfSignedPolicy : ICertificatePolicy {

                      public SelfSignedPolicy() {}

                      public bool CheckValidationResult(

                          ServicePoint sPoint, X509Certificate cert,

                          WebRequest wRequest, int certProb) {

                          return true;

                      }

                  }

          "@

          [System.Net.ServicePointManager]::CertificatePolicy = new-object SelfSignedPolicy

           

          You can then call the Invoke-RestMethod cmdlet to return the required output from the PI Web API. Found this solution here.

          • Re: PI WebAPI with https and Powershell
            gregor

            Hello Mark,

             

            Have you tried importing the self-signed certificate of your PI Web API host to your local Trusted Root Certificate store?