voltron/NodeMgmt
1
1
Fork 0
Code Issues Pull Requests Releases 1 Activity

Update vCenter-SSL.ps1

Browse Source
This commit is contained in:
David Schroeder
2025-11-15 18:59:29 -06:00
parent 7640165703
commit 8daa91ff71
1 changed files with 17 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
inc/vCenter-SSL.ps1
View File

@@ -1,10 +1,10 @@
#!/usr/bin/env pwsh #!/usr/bin/env pwsh
# ----------------------------------------------------------------------------------- # -----------------------------------------------------------------------------------
# Linux-safe vCenter + Posh-ACME Script (Fully Fixed) # vCenter + Posh-ACME Script (Linux/macOS-safe)
# - SSL validation bypass (Linux-compatible) # - Uses -SkipCertificateCheck to bypass SSL validation
# - Proper ErrorRecord handling # - Proper ErrorRecord handling
# - PowerDNS plugin works (plain string API key) # - PowerDNS plugin uses plain string API key
# - Fault-tolerant certificate handling # - Fault-tolerant ACME certificate handling
# ----------------------------------------------------------------------------------- # -----------------------------------------------------------------------------------
. /opt/idssys/nodemgmt/conf/powerwall/settings.ps1 . /opt/idssys/nodemgmt/conf/powerwall/settings.ps1
@@ -47,7 +47,7 @@ function Show-Failure {
} }
# ---------------------------- # ----------------------------
# HttpClient wrapper (TLS1.2, skip cert check, no decompression) # Invoke-RestMethod wrapper with SkipCertificateCheck
# ---------------------------- # ----------------------------
function Invoke-SafeRestMethod { function Invoke-SafeRestMethod {
param( param(
@@ -55,52 +55,30 @@ function Invoke-SafeRestMethod {
[string]$Method = 'GET', [string]$Method = 'GET',
[hashtable]$Headers = @{}, [hashtable]$Headers = @{},
$Body = $null, $Body = $null,
[switch]$AsJson, [switch]$AsJson
[int]$TimeoutSec = 60
) )
try { try {
$handler = [System.Net.Http.HttpClientHandler]::new() $params = @{
$handler.AutomaticDecompression = [System.Net.DecompressionMethods]::None Uri = $Uri
# Proper SSL bypass Method = $Method
$handler.ServerCertificateCustomValidationCallback = { param($sender, $cert, $chain, $sslPolicyErrors) return $true } Headers = $Headers
SkipCertificateCheck = $true
$client = [System.Net.Http.HttpClient]::new($handler) ErrorAction = 'Stop'
$client.Timeout = [System.TimeSpan]::FromSeconds($TimeoutSec)
foreach ($k in $Headers.Keys) {
$client.DefaultRequestHeaders.Remove($k) | Out-Null
$client.DefaultRequestHeaders.Add($k, $Headers[$k])
} }
if ($Body -ne $null) { if ($Body -ne $null) {
if ($AsJson) { if ($AsJson) {
$jsonBody = $Body | ConvertTo-Json -Depth 12 -Compress $params.Body = ($Body | ConvertTo-Json -Depth 12 -Compress)
$content = [System.Net.Http.StringContent]::new($jsonBody, [System.Text.Encoding]::UTF8, 'application/json') $params.ContentType = 'application/json'
} else { } else {
$content = [System.Net.Http.StringContent]::new($Body) $params.Body = $Body
} }
} else { $content = $null }
$methodObj = [System.Net.Http.HttpMethod]::$Method
$request = [System.Net.Http.HttpRequestMessage]::new($methodObj, $Uri)
if ($content) { $request.Content = $content }
$response = $client.SendAsync($request).GetAwaiter().GetResult()
$respBody = if ($response.Content) { $response.Content.ReadAsStringAsync().GetAwaiter().GetResult() } else { $null }
if ($response.IsSuccessStatusCode) {
if ($respBody -and $respBody.Trim().Length -gt 0) {
try { return $respBody | ConvertFrom-Json } catch { return $respBody }
} else { return $respBody }
} else {
throw [System.Net.Http.HttpRequestException]::new("HTTP $($response.StatusCode): $($response.ReasonPhrase)", $null, $response)
} }
return Invoke-RestMethod @params
} catch { } catch {
Show-Failure -ErrorRecord $_ Show-Failure -ErrorRecord $_
} finally {
$client.Dispose()
$handler.Dispose()
} }
} }