SSL Cipher Suites - Invoke-WebRequest

This topic contains 2 replies, has 3 voices, and was last updated by Profile photo of Dave Wyatt Dave Wyatt 1 year ago.

  • Author
  • #30886
    Profile photo of Josh Schofield
    Josh Schofield

    How do I find out which cipher suites are being used when submitting an HTTPS request? I have a requirement for specific cipher suites when dealing with Good Technologies SOAP API and need to verify if they're there or not. Also, if they're not there, how do I update the cipher suites used with new ones?

    I had to do this for SOAP UI in order for it to interact with the SOAP API correctly.

    Right now I'm having to use cURL to create my requests on the command line and it is a pain.

    This is a URL reference to another person that had a similar problem and resorted to using cURL:

    This is the specific cipher suite that Good Technology references to use: TLS_RSA_WITH_AES_256_CBC_SHA256

  • #30887
    Profile photo of Jonathan Warnken
    Jonathan Warnken

    Fair warning I am just guessing. I believe that powershell uses the settings from the default browser.
    You can specify the priority of the the Cipher Suites see

  • #30900
    Profile photo of Dave Wyatt
    Dave Wyatt

    I don't think there's a way for you to specify which cipher suites the WebRequest objects negotiate in .NET (which is what Invoke-WebRequest uses). However, that particular suite should be supported on all Vista / 2008 machines and later, so I'm surprised that you'd be having any problems if that's what the server requires.

You must be logged in to reply to this topic.