Test ComputerSecureChannel - PowerShell


Test-ComputerSecureChannel verifies the integrity of the Secure Channel (SChannel) on a specified computer. It checks whether the computer’s registry settings, system time, certificates, and cryptographic settings are configured correctly to establish a secure connection.


Test-ComputerSecureChannel [-ComputerName] <string> [-Port] <int> [-IgnoreCertificateErrors]
[-IgnoreRevocationErrors] [-IgnoreTimeSkewErrors] [-ReturnErrorOnFailure]


  • -ComputerName: Specifies the name of the target computer to be tested.
  • -Port: Specifies the port number to use for SChannel testing. The default is 443.
  • -IgnoreCertificateErrors: Skips certificate validation checks. By default, certificate errors cause the command to fail.
  • -IgnoreRevocationErrors: Skips revocation checks on certificates. By default, revocation errors cause the command to fail.
  • -IgnoreTimeSkewErrors: Skips time skew checks between the local computer and the target computer. By default, time skew errors cause the command to fail.
  • -ReturnErrorOnFailure: Returns an error object if any test fails. By default, the command only displays a summary of failures.


  • Simple Test:
Test-ComputerSecureChannel -ComputerName server1
  • Detailed Test with Error Handling:
$result = Test-ComputerSecureChannel -ComputerName server2 -ReturnErrorOnFailure

if ($result.HasErrors) {
    Write-Error "Errors occurred during the test:"
    $result.Errors | ForEach-Object { Write-Error $_.Exception }

Common Issues

  • Time skew errors: Ensure that the clocks on the local and target computers are synchronized.
  • Certificate errors: Verify the validity of the certificates used for SChannel communication.
  • Revocation errors: Contact the certificate authority (CA) to ensure that the certificates haven’t been revoked.


Test-ComputerSecureChannel can be integrated with other commands for advanced testing scenarios. For example, you can use it with Invoke-WebRequest to test HTTPS connections:

$webRequest = Invoke-WebRequest -Uri https://server1 -ComputerName server1 -TestSecureChannel