Question
Answer and Explanation
To check if a website supports TLS 1.2 using PowerShell, you can use the Test-NetConnection cmdlet in combination with some custom logic to inspect the TLS/SSL handshake.
Here's a PowerShell script that attempts to establish a TLS 1.2 connection to a specified website and reports the result:
function Test-WebsiteTLS12Support {
param(
[string]$WebsiteURL
)
try {
$Result = Test-NetConnection -ComputerName $WebsiteURL -Port 443 -InformationLevel Detailed
if ($Result.TcpTestSucceeded) {
$TLSVersion = $Result.TlsVersion
if ($TLSVersion -eq "TLS 1.2") {
Write-Host "TLS 1.2 is supported for $WebsiteURL"
} else {
Write-Host "TLS 1.2 is NOT supported for $WebsiteURL. TLS Version: $($TLSVersion)"
}
} else {
Write-Host "TCP Connection Failed for $WebsiteURL"
}
} catch {
Write-Host "An error occurred: $($_.Exception.Message)"
}
}
# Example Usage:
Test-WebsiteTLS12Support -WebsiteURL "example.com"
Explanation:
1. Function Definition: The script defines a function Test-WebsiteTLS12Support to encapsulate the logic.
2. Test-NetConnection: It uses the Test-NetConnection cmdlet to test the TCP connection and retrieve detailed information, including the TLS version.
3. Port 443: It specifically targets port 443, which is the standard port for HTTPS.
4. TLS Version Check: It checks if the TlsVersion property of the result is "TLS 1.2".
5. Error Handling: The try-catch block handles potential errors during the connection attempt.
How to Use:
1. Save the script as a .ps1 file (e.g., CheckTLS12.ps1).
2. Run the script in PowerShell, providing the website URL as a parameter.
For example:
.\CheckTLS12.ps1 -WebsiteURL "www.example.com"
This script provides a basic check. For more robust testing, you might need to consider different scenarios like SNI (Server Name Indication) and specific cipher suites, which could require more advanced PowerShell scripting or the use of external tools.