Unable to install new version of pester using Install-Module -> https://pester.dev/docs/introduction/installation about docs HOT 20 CLOSED

@jahnavi175 depending on your OS and PowerShell versions, TLS 1.2 may not be used by default for Install-Module.

Last... month...ish? The PS folks updated the PowerShell Gallery repository to require TLS 1.2. I think they're working on relaxing that a little, so they still support TLS 1.2 for folks who are using it, but don't require it. But clearly they haven't got that sorted yet.

That code just tells PowerShell / .NET to permit TLS 1.2 to be used for SSL communications. 🙂

from docs.

Okay so it (Pester) still ships with 2016. The problem with tls is external to Pester, but it is nice to have it in docs.

from docs.

@jahnavi175 @vexx32 You can also look at it this way:

Most other modules are unsigned, so they give you no guarantee about the publisher, so there is no publisher to change and you get no warning.

The "risk" levels are like this, from the most risky:

• unsigned module
• signed module that "changed" publishers
• signed module that has a publisher

The first item on the list is an unsigned module, and I bet that the majority of modules you use are unsigned.

So while you get the publisher warning, it still is not less safe than using an unsigned module. My certificate is valid, and issued by a trusted certification authority. 🙂

from docs.

Could you try updating your PowershellGet module?

from docs.

Could you try updating your PowershellGet module?

Hi @nohwnd I tried that also, it gives me the error similar to the one mentioned earlier.
Please have a look at the error

from docs.

@jahnavi175 yeah you'll need to do an Install-Module PowerShellGet -Force if I recall correctly?

from docs.

@jahnavi175 yeah you'll need to do an Install-Module PowerShellGet -Force if I recall correctly?

Hi @vexx32 . I need to update from pester 3.4.0 to 4.10.1. But its actually not happening. I tried adding -Force parameter also but of no use.

Once have a look at this

from docs.

I think that's a TLS issue?

Try running this and then retrying the install:

[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor [System.Net.SecurityProtocol]::Tls12

from docs.

@vexx32

from docs.

Yep, just need to pass an extra flag or two to install-module.

Install-Module Pester -Force -SkipPublisherCheck

The certs for the current version differ because Microsoft published and signed the in-box version of Pester, but they're not doing that anymore. 🙂

from docs.

@vexx32 whats the main reason and logic behind it can you pls explain why it worked after this
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor [System.Net.SecurityProtocol]::Tls12

from docs.

Yep, just need to pass an extra flag or two to install-module.

Install-Module Pester -Force -SkipPublisherCheck

The certs for the current version differ because Microsoft published and signed the in-box version of Pester, but they're not doing that anymore. 🙂

Yess it worked...Thanks a lot..!!

from docs.

@vexx32 would you consider updating the docs with this, please?

from docs.

I don't think it ships with 2016 server anymore, and also not with 2019. The removal is not necessary if you specify -Force (and in some cases -SkipPublisherCheck, depending on the PowerShellGet version). Please consider updating that info if you update that article. Thx.

from docs.

I don't think it ships with 2016 server anymore, and also not with 2019. The removal is not necessary if you specify -Force (and in some cases -SkipPublisherCheck, depending on the PowerShellGet version). Please consider updating that info if you update that article. Thx.

Once Have a look at this. I have run these on my new server.

Pester is updating to new version only when I am using this command [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocolType -bor [System.Net.SecurityProtocolType]::Tls12
Followed by Install-Module Pester -Force -SkipPublisherCheck

from docs.

Yeah, I can update that. The PS folks are supposedly working on fixing the TLS issue, but it might be an issue again in future for all we know.

from docs.

Hi @nohwnd @vexx32 , As you said earlier, Microsoft have stopped signing the new versions of pester. May I know the reason why they have stopped it? Also, If I Install my Pester Forcefully through -SkipPublisherCheck, wont that be a threat for my server using the non trusted and unsigned 3rd Party Modules ?

from docs.

It's not unsigned. It's just signed by a different person since the effective ownership of the module changed, that's all the warning's telling you.

Pester has always been a community module. It's popular enough that Microsoft decided they wanted to ship a version of it with Windows. To do so, they had to sign the code themselves. IMO there's no more risk having a newer version of Pester on your server than there is having the old version that MS signed off on. If you're worried you can look at the code, it's all PowerShell script after all, everything's pretty well in the open there, and it's open source anyway. 🙂

from docs.

@nohwnd Can You pls let me know who is the trusted certification authority who is signing the Pester version 4.10.1. Please confirm if 4.10.1 is a stable release that can be used.

from docs.

@jahnavi175 the certification authority is DigiCert, and it is me signing the module. Yes, 4.10.1 is a stable release.

from docs.