Hi Swin,
I see it has been long since you posted the above. I have same issue , by any chance did you find a solution for it?
Odd issue with Invoke-RestMethod in Windows PowerShell 5.1 using the GET method
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 46%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
Swin
61
Reputation points
Hi,
I'm seeing a really odd issue when invoking the Invoke-RestMethod CmdLet against a specific device using the GET method. The OS I am using is Windows 11 and I have confirmed this behaviour on multiple PCs.
If I use the Invoke-RestMethod with the POST method, all is fine. If I use the Invoke-RestMethod in PS 7.x, whether it be the GET or POST methods, all is fine. If I am really quick within a Win PS 5.1 session and issue a GET request straight after a POST request (thus I believe I am using the same TCP connection), all is fine....
Viewing a PCAP, we see that the issue appears to be after the Client Hello, Server Hello and the Certificate and Key Exchange info (all of which is fine), but then the server device sends a TLS message containing the Change Cipher Spec protocol and the Handshake protocol, at which point the client immediately sent a FIN ACK. The error seen in Win PS shows as:
PS C:\Users\me> $response = Invoke-RestMethod 'https://192.168.1.1/getxml?location=/command/security/certificates/ca/show/format' -Method 'GET' -Headers $headers
Invoke-RestMethod : The underlying connection was closed: An unexpected error occurred on a send.
At line:1 char:13
+ $response = Invoke-RestMethod 'https://192.168.1.1./getxml?location ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebExc
eption
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand
If we force TLS 1.2 within Win PS 5.1, it's a little easier to see the TLS exchange and where the failure is:
Looking at a PCAP for the Invoke-RestMethod request using a POST method to the same device, we see that things just continue as normal:
$response = Invoke-RestMethod 'https://192.168.1.1/putxml' -Method 'POST' -Headers $headers -Body $body
As mentioned, the request works fine within PS 7.x and other clients (such as PostMan). It even works in PS 5.1 if issued immediately after a successfully POST request has been sent.
This feels very much like a bug, perhaps alluded to in this Stack Overflow post, albeit this was nearly a year ago!!! - https://stackoverflow.com/a/70351805/505174
If anyone has got any information on this, I would be grateful.
Windows for business | Windows Server | User experience | PowerShell
1 answer
Sort by: Most helpful
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 56.00000000000001%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDR%3C/text%3E%3C/svg%3E)
Devarapu, R (Reja) 0 Reputation points2023-08-24T12:14:09.3233333+00:00 -
Swin 61 Reputation points
2023-08-24T13:15:41.65+00:00 Not for Windows PS 5.1. I think I used PS 7.x, but, of course, I can't be sure this would be installed on a Windows machine.
-
Swin 61 Reputation points
2023-08-25T08:09:11.92+00:00 Hi,
Unfortunately no, I never resolved this issue for Windows PS. I think I ignored WPS 5.1 and used PS 7.x. The bigger issue was, of course, that you could not guarantee that PS 7.x was installed on a machine, but setting the script to require a level PS version was the only way I could ensure that it failed early., e.g.:
#Requires -Version 7.0I wish I could be of more help.
Sign in to comment -