In this part we will be handling SSL certificate errors when opening a link. To get around these errors, we need to find a specific element and interact with it.

Sometimes when accessing a mangement webpage of certain systems, we get a SSL certificate error. This usually happens when the default (self-signed) certificate is still in place, or when we access the system using the hostname or IP address instead of the correct FQDN that the certificate uses.

For testing purposes, we will be using www.badssl.com to test our script.

Setting up our base script.

Let’s create a simple script that navigates to a site with a self-signed SSL certificate.

$objInternetExplorer = New-Object -ComObject InternetExplorer.Application;
$objInternetExplorer.visible = $true;
$objInternetExplorer.navigate("https://self-signed.badssl.com/");

Which should display the following in our Internet Explorer window:

Waiting for the page to load.

Before we start looking for our element in our code, we need to make sure our page is actually ready. The COM object exposes the ReadyState property, which we can check and sleep (wait) while it’s loading.

while($objInternetExplorer.ReadyState -ne 4)
{
    Start-Sleep -Milliseconds 100;
}

You can find the ReadyState values from here. Note that this is an old link, but the information is still valid.

Finding the right element.

Now it’s time to take a peek at the HTML code of this specific page. In Internet Explorer right click the link, and select Inspect Element. This should open the Developer Tools on the bottom of the screen, and highlight the element in the code.

We can see that we need to interact with an <a> element with id overridelink. So lets first try to get this element in our Powershell script.

Getting the right element in our script.

To get the element by it’s id, there are generally two options.

$htmlelementOverridelink = $objInternetExplorer.Document.getElementById("overridelink");
$htmlelementOverridelink = $objInternetExplorer.Document.IHTMLDocument3_getElementById("overridelink");

So which one should you use?
Allways try to use the IHTMLDocument3_getElementByID() method. The getElementByID() tends to throw errors on certain websites. I haven’t figured out the exact cause, but using IHTMLDocument3_getElementByID allways seems to work perfectly fine.

Click the override link.

Now all we want to do is send a click to that link. This is, in fact, very easy to do so from within our script.

$htmlelementOverridelink.click();

And *poof*, we clicked the link, and the page will now load.

Alternatively, we could also click the link while getting the element in a single line:

$objInternetExplorer.Document.IHTMLDocument3_getElementById("overridelink").Click();

Which is less code, as we don’t store the element to the $htmlelementOverridelink variable first.

Full Script

$objInternetExplorer = New-Object -ComObject InternetExplorer.Application;
$objInternetExplorer.visible = $true;
$objInternetExplorer.navigate("https://self-signed.badssl.com/");

#Make sure the page is ready.
while($objInternetExplorer.ReadyState -ne 4)
{
    Start-Sleep -Milliseconds 100;
}

$htmlelementOverridelink = $objInternetExplorer.Document.IHTMLDocument3_getElementById("overridelink");
$htmlelementOverridelink.Click()

Or alternatively

$objInternetExplorer = New-Object -ComObject InternetExplorer.Application;
$objInternetExplorer.visible = $true;
$objInternetExplorer.navigate("https://self-signed.badssl.com/");

#Make sure the page is ready.
while($objInternetExplorer.ReadyState -ne 4)
{
    Start-Sleep -Milliseconds 100;
}

$objInternetExplorer.Document.IHTMLDocument3_getElementById("overridelink").Click();

Leave a Reply

Your email address will not be published.