2 Replies Latest reply on Feb 17, 2017 11:15 AM by gregor

    PI WebAPI with https and Powershell


      On a (non https) server, the following works i.e the same as what's in IE. The client machine is on the same AD domain.

           Invoke-RestMethod -Uri "http://wserver/piwebapi/attributes?path=\\AF\oaxk_analytics_temp\1FC990124%7CTrend" -UseDefaultCredentials

      but when I run the same over the https it returns

           Invoke-RestMethod : The remote server returned an error: (401) Unauthorized.


      With some google help  I have tried ignoring certificates,

           [System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}

      This time the error is

            Invoke-RestMethod : The underlying connection was closed: An unexpected error occurred on a send.

        • Re: PI WebAPI with https and Powershell
          John Messinger

          Hi Mark,


          The issue here is to do with the use of self signed certificates for the PI Web API. You can work around this in PowerShell my creating a certificate policy that will effectively ignore invalid certificates (such as self signed certs):


          add-type @"

                  using System.Net;

                  using System.Security.Cryptography.X509Certificates;


                      public class SelfSignedPolicy : ICertificatePolicy {

                      public SelfSignedPolicy() {}

                      public bool CheckValidationResult(

                          ServicePoint sPoint, X509Certificate cert,

                          WebRequest wRequest, int certProb) {

                          return true;




          [System.Net.ServicePointManager]::CertificatePolicy = new-object SelfSignedPolicy


          You can then call the Invoke-RestMethod cmdlet to return the required output from the PI Web API. Found this solution here.

          • Re: PI WebAPI with https and Powershell

            Hello Mark,


            Have you tried importing the self-signed certificate of your PI Web API host to your local Trusted Root Certificate store?