PeterVandivier
### TL;DR:
I cannot supply a private key file to `Invoke-RestMethod`. How do I authenticate to a service that requires mutual TLS?
---
I have a `curl` command I know to work. I would like its equivalent using `Invoke-RestMethod` and I feel like I’m missing something obvious in [the docs][1]. Given the following curl, how do i specify `--key` (and `--insecure`) for `Invoke-RestMethod`?
```
curl \
--request POST \
--url 'https://api.com/login' \
--header 'Content-Type: application/json;charset=utf-8' \
--data-raw '{"api_key": "foo","api_secret": "bar"}' \
--insecure \
--cert ~/.ssh/foo.crt \
--key ~/.ssh/foo.key
```
```
$splat = @{
Method = 'POST'
Uri = 'https://api.com/login'
Headers = @{'Content-Type'='application/json;charset=utf-8'}
Body = @{api_key='foo'; api_secret='bar'}
# Insecure = $true ??
Certificate = (Get-PfxCertificate '~/.ssh/foo.crt')
# Key = ??
}
Invoke-RestMethod @splat
```
It seems rather obvious that `--cert` and `-Certificate` correspond. But I don't see a parameter to supply my private [`--key`][2].
---
### Additional Info
#### `--insecure`
I don't fully understand why [`--insecure`][3] is required for the `curl` call, but omitting it produces the following error...
> curl: (60) SSL: no alternative certificate subject name matches target host name '10.0.0.10'
> More details here: https://curl.haxx.se/docs/sslcerts.html
>
> curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the web page mentioned above.
...so I rather assume it has something to do with accessing the IP address and not having signed that address as part of the cert. There's a number of candidate Parameters on the `Invoke-RestMethod` I can try for this, but I need to work through supplying the private key properly first I think.
#### Changing `$Error`
Not sure what I've changed, but in the course of writing this up, the `$Error` returned has changed from...
1. first error
> Authentication failed, see inner exception.
...with an `$Error[0].Exception.InnerException` of...
> Interop+AppleCrypto+SslException: handshake failure
2. second error
> The remote certificate is invalid according to the validation procedure.
...with no other `.InnerException`.
---
Oh well... off to the server logs, I suppose ¯\\\_(ツ)_/¯
[1]: https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/invoke-restmethod
[2]: https://curl.haxx.se/docs/manpage.html#--key
[3]: https://curl.haxx.se/docs/manpage.html#-k