[Xymon] How to get Windows Update info from client

[Jonathan Trott]

Hi Kris.

Nice work on the figuring!

Checking the code for xymonclient.ps1 finds this function:

function XymonDownloadFromURL([string]$downloadURL, 
[string]$destinationFilePath)
{
    $downloadURL = $downloadURL.Trim()
    WriteLog "XymonDownloadFromURL - Downloading $downloadURL to 
$destinationFilePath"
    $client = New-Object System.Net.WebClient
    try
    {
        # for self-signed certificates, turn off cert validation
        # TODO: make this a config option
        [Net.ServicePointManager]::ServerCertificateValidationCallback = 
{$true}
        $client.DownloadFile($downloadURL, $destinationFilePath)
    }
    catch
    {
        WriteLog "Error downloading: $_"
        return $false
    }
    return $true
}

A bit of googling returns the collective knowledge that by default that 
command only uses TLS 1.0. Seems broken....
Apparently you can add the following line to enable more protocols:

[Net.ServicePointManager]::SecurityProtocol = "tls12, tls11, tls"

So I'll copy in the xymon list so someone more knowledgeable can tell me 
that I am wrong.

Thanks,
JT

> I figured it out!  I set my server up to only use TLSv1.2 and apparently
> the Xymon PS download scripts can't work with v1.2, they need 1.0.  When
> I reduced the TLS level down to allow v1.0 on my server it downloaded
> the file as expected.
> 
> Any idea how to allow the Xymon client scripts to work with TLSv1.2?
> 
> 
> Thank you.
> ------------------------------------------------
> Kris Springer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20180607/21d36d73/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 9598 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20180607/21d36d73/attachment.bin>