PowerShellGallery
PowerShellGallery copied to clipboard
PowerShell
SSL Cert errors for PnP.Powershell UntrustedRoot
Prerequisites
- [X] Write a descriptive title.
- [X] Make sure you are able to repro it on the latest version
- [X] Search the existing issues.
Steps to reproduce
Import-Module failing for any version of PnP.Powershell Install-Module -Name PnP.PowerShell -AllowPrerelease invoke-webrequest "https://www.powershellgallery.com/api/v2/package/PnP.PowerShell/1.11.84-nightly" Invoke-WebRequest: The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot
Expected behavior
The Install-Module succeeds.
Actual behavior
WARNING: Source Location 'https://www.powershellgallery.com/api/v2/package/PnP.PowerShell/1.11.84-nightly' is not valid.
Install-Package: Package 'PnP.PowerShell' failed to download.
Error details
Exception :
Type : System.Net.Http.HttpRequestException
TargetSite :
Name : MoveNext
DeclaringType : System.Net.Http.ConnectHelper+<EstablishSslConnectionAsync>d__2, System.Net.Http,
Version=6.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
MemberType : Method
Module : System.Net.Http.dll
Message : The SSL connection could not be established, see inner exception.
InnerException :
Type : System.Security.Authentication.AuthenticationException
TargetSite :
Name : Throw
DeclaringType : System.Runtime.ExceptionServices.ExceptionDispatchInfo
MemberType : Method
Module : System.Private.CoreLib.dll
Message : The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot
Source : System.Private.CoreLib
HResult : -2146233087
StackTrace :
at System.Net.Security.SslStream.SendAuthResetSignal(ProtocolToken message, ExceptionDispatchInfo exception)
at System.Net.Security.SslStream.CompleteHandshake(SslAuthenticationOptions sslAuthenticationOptions)
at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst,
Byte[] reAuthenticationData, Boolean isApm)
at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions,
HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken)
Source : System.Net.Http
HResult : -2146233087
StackTrace :
at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions,
HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken)
at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken
cancellationToken)
at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, Boolean async,
CancellationToken cancellationToken)
at System.Net.Http.HttpConnectionPool.AddHttp11ConnectionAsync(HttpRequestMessage request)
at System.Threading.Tasks.TaskCompletionSourceWithCancellation`1.WaitWithCancellationAsync(CancellationToken
cancellationToken)
at System.Net.Http.HttpConnectionPool.GetHttp11ConnectionAsync(HttpRequestMessage request, Boolean async,
CancellationToken cancellationToken)
at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean
async, Boolean doRequestAuth, CancellationToken cancellationToken)
at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken
cancellationToken)
at System.Net.Http.HttpClient.<SendAsync>g__Core|83_0(HttpRequestMessage request, HttpCompletionOption
completionOption, CancellationTokenSource cts, Boolean disposeCts, CancellationTokenSource pendingRequestsCts,
CancellationToken originalCancellationToken)
at Microsoft.PowerShell.Commands.WebRequestPSCmdlet.GetResponse(HttpClient client, HttpRequestMessage request,
Boolean keepAuthorization)
at Microsoft.PowerShell.Commands.WebRequestPSCmdlet.ProcessRecord()
TargetObject : Method: GET, RequestUri:
'https://psg-prod-eastus.azureedge.net/packages/pnp.powershell.1.11.84-nightly.nupkg', Version: 1.1, Content: <null>,
Headers:
{
User-Agent: Mozilla/5.0
User-Agent: (Windows NT 10.0; Microsoft Windows 10.0.22000; en-US)
User-Agent: PowerShell/7.2.6
}
CategoryInfo : InvalidOperation: (Method: GET, Reques…PowerShell/7.2.6
}:HttpRequestMessage) [Invoke-WebRequest], HttpRequestException
FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand
ErrorDetails : The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot
InvocationInfo :
MyCommand : Invoke-WebRequest
ScriptLineNumber : 1
OffsetInLine : 1
HistoryId : 20
Line : invoke-webrequest
"https://www.powershellgallery.com/api/v2/package/PnP.PowerShell/1.11.84-nightly"
PositionMessage : At line:1 char:1
+ invoke-webrequest "https://www.powershellgallery.com/api/v2/package/P …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
InvocationName : invoke-webrequest
CommandOrigin : Internal
ScriptStackTrace : at <ScriptBlock>, <No file>: line 1
Environment data
Name Value
---- -----
PSVersion 7.2.6
PSEdition Core
GitCommitId 7.2.6
OS Microsoft Windows 10.0.22000
Platform Win32NT
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
WSManStackVersion 3.0
Version
1.11.84-nightly or any other version
Visuals
No response
Hi @HBSbwilliamson, can you send us the output of Get-PSRepository? I think that separate from UntrustedRoot issue, there may be an issue with the source location appearing in the exception message.
