The Windows Antimalware Scan Interface (AMSI) is a versatile standard that allows applications and services to integrate with any antimalware product present on a machine. AMSI is vendor agnostic and...
Updated Sep 01, 2021
Version 3.0
Blog Post
Hi Sir
I've ran .\Test-AMSI.ps1 on Exchange 2016 CU21 but get below SSL/TLS connection error. Any idea?
I'm sure AMSI is running and functional since CU21 upgrade on end of June. I'm keep follow related articles posted by Exchange Team.
Test-AMSI : The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. At C:\Batch\AMSI\Test-AMSI.ps1:124 char:1 + Test-AMSI + ~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Test-AMSI If you are using Microsoft Defender then AMSI may be disabled or you are using a AntiVirus Product that may not be AMSI capable (Please Check with your AntiVirus Provider for Exchange AMSI Support)
Updated how to fixed.
Add below script in front Function Test-AMSI section.
function Test-AMSI {
if (-not ([System.Management.Automation.PSTypeName]'ServerCertificateValidationCallback').Type)
{
$certCallback = @"
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
public class ServerCertificateValidationCallback
{
public static void Ignore()
{
if(ServicePointManager.ServerCertificateValidationCallback ==null)
{
ServicePointManager.ServerCertificateValidationCallback +=
delegate
(
Object obj,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors errors
)
{
return true;
};
}
}
}
"@
Add-Type $certCallback
}
[ServerCertificateValidationCallback]::Ignore()