Skip to main content

Invoke-RestMethod Self-Signed Certificate Errors

The first error you might get is this undescriptive one

Invoke-RestMethod : The underlying connection was closed: An unexpected error occurred on a send.

Run this to check the default TLS version.


If its not Tls12, add this line to the top of your powershell script.

[System.Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

When you now rerun your script you might get this error,

Invoke-RestMethod : The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.

Basically we need to ignore the Self Signed Certificate from the destination endpoint. We can do this by adding the below code after the previous line where we set the TLS version and before your code that calls the endpoint.

if (-not ([System.Management.Automation.PSTypeName]'ServerCertificateValidationCallback').Type)
$certCallback = @"
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
public class ServerCertificateValidationCallback
public static void Ignore()
if(ServicePointManager.ServerCertificateValidationCallback ==null)
ServicePointManager.ServerCertificateValidationCallback +=
Object obj,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors errors
return true;
Add-Type $certCallback

That should be it.

Let me know if this worked for you by leaving a comment.

Last updated on