When installing PowerShell modules from the PSGallery online gallery, you may encounter an error WARNING: Unable to resolve package source:
Install-Module SqlServer
WARNING: Unable to resolve package source ‘https://www.powershellgallery.com/api/v2’. PackageManagement\Find-Package : No match was found for the specified search criteria and module name ‘sqlserver. Try Get-PSRepository to see all available registered module repositories. NoMatchFoundForCriteria,Microsoft.PowerShell.PackageManagement.Cmdlets.FindPackage
A similar error will appear when installing any PowerShell module online via Nuget, be it Exchange Online Powershell, AzureAD, VMware PowerCLI, PSWindowsUpdate, SecretManagement, SQLServer, etc. Moreover, any PowerShell module can be easily installed manually offline.
The problem may appear in Windows 10 and Windows Server 2016 and older versions of Windows. The reason for the problem is that, by default, PowerShell tries to use the outdated and insecure TLS 1.0 protocol to connect to PSGallery. As of April 2020, the PowerShell Gallery only allows connections to a NuGet provider using TLS 1.2.
If TLS 1.0 and TLS 1.1 are not disabled on Windows , you must run the following command so that the current PowerShell session uses TLS 1.2 to connect:
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
TLS version 1.2 is supported on all versions of Windows starting with Windows 8/Windows Server 2012. The list of supported TLS versions in PowerShell can be displayed like this:
[enum]::GetNames([Net.SecurityProtocolType])
In Windows 7 SP1, to enable TLS 1.2 support, you need to install the special update KB3140245 and the MicrosoftEasyFix51044.msi patch.
If your Windows 7 does not support TLS 1.2, then when you connect to most modern mail servers using Outlook, you will receive an error 0x800CCC1A - Your server does not support the type of encryption you specified.
Now you can install or update the module from the PowerShell Gallery:
The next time you open a PowerShell console, you will need to re-enable TLS 1.2 support. The protocol versions used in PowerShell to connect can be displayed like this:
[Net.ServicePointManager]::SecurityProtocol
To avoid having to enable the use of TLS1.2 each time you start PowerShell, you can change the default TLS version for the .NET Framework. To do this, use PowerShell to make the following registry changes:
Set-ItemProperty -Path ‘HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NetFramework\v4.0.30319’ -Name ‘SchUseStrongCrypto’ -Value ‘1’ -Type DWordIf your computer is connected to the Internet through a proxy server, make sure that the PowerShell session is configured to connect through a proxy:
Set-ItemProperty -Path ‘HKLM:\SOFTWARE\Microsoft\.NetFramework\v4.0.30319’ -Name ‘SchUseStrongCrypto’ -Value ‘1’ -Type DWord
netsh winhttp show proxy
You can import proxy server settings from Windows system settings (Internet Explorer).
netsh winhttp import proxy source=ie