Bit of an unusual one that’s testing my Google-fu.
We’ve got certificates stored with the private key within Octopus and are attempting to deploy them to a Windows 2012 Server.
Importing certificate 'CN=xxxxxx' with thumbprint '123456' into store 'LocalMachine\My'
There was an error importing the certificate into the store
Could not read PFX
System.Exception
at Calamari.Integration.Certificates.WindowsX509CertificateStore.GetCertificatesFromPfx(Byte[] pfxBytes, String password, PfxImportFlags pfxImportFlags)
at Calamari.Integration.Certificates.WindowsX509CertificateStore.ImportPfxToStore(CertificateSystemStoreLocation storeLocation, String storeName, Byte[] pfxBytes, String password, Boolean useUserKeyStore, Boolean privateKeyExportable)
at Calamari.Integration.Certificates.WindowsX509CertificateStore.ImportCertificateToStore(Byte[] pfxBytes, String password, StoreLocation storeLocation, String storeName, Boolean privateKeyExportable)
at Calamari.Commands.ImportCertificateCommand.ImportCertificate(CalamariVariableDictionary variables)
at Calamari.Commands.ImportCertificateCommand.Execute(String[] commandLineArguments)
at Calamari.Program.Execute(String[] args)
--Inner Exception--
Access denied.
System.Security.Cryptography.CryptographicException
at Calamari.Integration.Certificates.WindowsX509CertificateStore.GetCertificatesFromPfx(Byte[] pfxBytes, String password, PfxImportFlags pfxImportFlags)
The remote script failed with exit code 100
The action Add Certificate on XXXXX failed
The Octopus user has administrator access to the target machine and we can manually add the certificate through when logging on as that user.
Have also tried other certificates to no avail and other stores (web hosting).
Anyone seen this behavior?