Merge pull request #7 from pauby/bug/add-tls12-support

nmaludy · web-flow · commit ae092035e563 · 2020-04-28T11:42:56.000-04:00
Add TLS 1.2 support for Windows PowerShell
diff --git a/lib/puppet/provider/package/windowspowershell.rb b/lib/puppet/provider/package/windowspowershell.rb
@@ -7,7 +7,9 @@
 
   def self.invoke_ps_command(command)
     result = powershell(['-NoProfile', '-ExecutionPolicy', 'Bypass', '-NonInteractive', '-NoLogo', '-Command',
-                         "$ProgressPreference = 'SilentlyContinue'; $ErrorActionPreference = 'Stop'; #{command}"])
+                         # The following section of the -Command forces powershell to use tls1.2 (which it does not by default currently unless set system wide): [Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12
+                         # Without tls1.2 you cannot install modules from PSGallery
+                         "$ProgressPreference = 'SilentlyContinue'; $ErrorActionPreference = 'Stop'; [Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12; #{command}"])
     result.lines
   end
 end
diff --git a/lib/puppet/provider/pspackageprovider/windowspowershell.rb b/lib/puppet/provider/pspackageprovider/windowspowershell.rb
@@ -4,7 +4,9 @@
 
   def self.invoke_ps_command(command)
     result = powershell(['-NoProfile', '-ExecutionPolicy', 'Bypass', '-NonInteractive', '-NoLogo', '-Command',
-                         "$ProgressPreference = 'SilentlyContinue'; $ErrorActionPreference = 'Stop'; #{command}"])
+                         # The following section of the -Command forces powershell to use tls1.2 (which it does not by default currently unless set system wide): [Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12
+                         # Without tls1.2 you cannot install modules from PSGallery
+                         "$ProgressPreference = 'SilentlyContinue'; $ErrorActionPreference = 'Stop'; [Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12; #{command}"])
     result.lines
   end
 end
