diff --git a/lib/ansible/modules/windows/win_uri.ps1 b/lib/ansible/modules/windows/win_uri.ps1 index 7d04055d61..951cfbd9bf 100644 --- a/lib/ansible/modules/windows/win_uri.ps1 +++ b/lib/ansible/modules/windows/win_uri.ps1 @@ -67,6 +67,16 @@ if ($status_code) { } } +# Enable TLS1.1/TLS1.2 if they're available but disabled (eg. .NET 4.5) +$security_protocols = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::SystemDefault +if ([Net.SecurityProtocolType].GetMember("Tls11").Count -gt 0) { + $security_protocols = $security_protocols -bor [Net.SecurityProtocolType]::Tls11 +} +if ([Net.SecurityProtocolType].GetMember("Tls12").Count -gt 0) { + $security_protocols = $security_protocols -bor [Net.SecurityProtocolType]::Tls12 +} +[Net.ServicePointManager]::SecurityProtocol = $security_protocols + $client = [System.Net.WebRequest]::Create($url) $client.Method = $method $client.Timeout = $timeout * 1000 @@ -98,17 +108,6 @@ if (-not $validate_certs) { [System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true } } -# Enable TLS1.1/TLS1.2 if they're available but disabled (eg. .NET 4.5) -$security_protcols = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::SystemDefault -if ([Net.SecurityProtocolType].GetMember("Tls11").Count -gt 0) { - $security_protcols = $security_protcols -bor [Net.SecurityProtocolType]::Tls11 -} -if ([Net.SecurityProtocolType].GetMember("Tls12").Count -gt 0) { - $security_protcols = $security_protcols -bor [Net.SecurityProtocolType]::Tls12 -} -[Net.ServicePointManager]::SecurityProtocol = $security_protcols - - if ($null -ne $content_type) { $client.ContentType = $content_type }