A hearty hello to everyone!
I have set up an Azure Function App (S1 SKU) and I am trying to use one of the functions as a client that sends an HTTPS request to another web server (API). I do this using the PowerShell cmdlet Invoke-RestMethod which I provide with a certificate in order to authenticate my request to the web server. (This certificate has been added to the trusted certificates of the web server's cert store.)
```powershell
$cert = Get-AzKeyVaultCertificate -VaultName $keyVaultName -Name $certificateLabel
Invoke-RestMethod -Method 'GET' -URI $URI -Certificate $cert.Certificate
```
Where $cert.Certificate is an X509Certificate2 object. However, I am unable to establish trust between the two parties because the SSL validation yields: UntrustedRoot. Here is the exception I get when calling Invoke-RestMethod:
"The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot"
I understand why this occurs. Unlike classic servers, "serverless" Azure functions have no certificate store that checks certificates for validity. Thus I cannot upload the trusted root and intermediate certificates.
How do I establish trust for the root and intermediate certificates in this case?
When presenting ChatGPT with this problem, it suggested implementing a custom SSL validation callback that handles the trust validation. But it also warned against using this in a production environment as the validation procedure should be carefully implemented.
Is there another workaround or a thorough guide for custom SSL validation callbacks?
Thank you very much for your time in advance!
I'd start with skipping the certificate check, just to crack on with the rest of the coding.
ref: https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/invoke-restmethod?view=powershell-7.3
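For the custom validation callback asked about in the question, here is an added example (not code from either poster) that trusts only a supplied private root instead of skipping the check. It assumes PowerShell 7.1 or later (for `X509ChainTrustMode.CustomRootTrust`), that `Add-Type` is usable in the function host, that the CA certificates ship as `.cer` files at the hypothetical paths shown, and that `$clientCert` is an `X509Certificate2` that includes its private key; the class name `PrivateRootTls` is made up for illustration. The callback is compiled C# because `Invoke-RestMethod` has no callback parameter and a script block delegate may be invoked on a thread that has no runspace.

```powershell
Add-Type -TypeDefinition @'
using System.Net.Http;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

public static class PrivateRootTls   // hypothetical helper, not a library type
{
    // Accept the server only if its chain builds to one of the supplied roots.
    public static bool Validate(X509Certificate2 leaf, SslPolicyErrors errors,
                                X509Certificate2Collection roots,
                                X509Certificate2Collection intermediates)
    {
        if (leaf == null) return false;
        // Only chain errors are tolerated here (the chain is rebuilt below);
        // a host name mismatch or a missing certificate is always rejected.
        if ((errors & ~SslPolicyErrors.RemoteCertificateChainErrors) != SslPolicyErrors.None)
            return false;
        using (var chain = new X509Chain())
        {
            // Trust nothing except the roots passed in, not the machine store.
            chain.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
            chain.ChainPolicy.CustomTrustStore.AddRange(roots);
            chain.ChainPolicy.ExtraStore.AddRange(intermediates);
            // Assumption: the private CA publishes no CRL/OCSP endpoint.
            chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
            return chain.Build(leaf);   // also checks validity dates and signatures
        }
    }

    public static HttpClient NewClient(X509Certificate2Collection roots,
                                       X509Certificate2Collection intermediates,
                                       X509Certificate2 clientCert)
    {
        var handler = new HttpClientHandler();
        handler.ClientCertificates.Add(clientCert);
        handler.ServerCertificateCustomValidationCallback =
            (request, cert, chain, errors) => Validate(cert, errors, roots, intermediates);
        return new HttpClient(handler);
    }
}
'@

$x509 = 'System.Security.Cryptography.X509Certificates'
# Hypothetical file locations for the web server's CA certificates.
$roots = New-Object "$x509.X509Certificate2Collection"
[void]$roots.Add((New-Object "$x509.X509Certificate2" "$PSScriptRoot/certs/root-ca.cer"))
$intermediates = New-Object "$x509.X509Certificate2Collection"
[void]$intermediates.Add((New-Object "$x509.X509Certificate2" "$PSScriptRoot/certs/issuing-ca.cer"))

$client   = [PrivateRootTls]::NewClient($roots, $intermediates, $clientCert)
$response = $client.GetStringAsync($URI).GetAwaiter().GetResult() | ConvertFrom-Json
```

If the chain does not end at the supplied root, or the host name does not match, the request throws the same kind of TLS error as in the question rather than proceeding.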