Bind New certificate on Octopus Server

Hello Dear

Just a quick question. Our SSl ceretificate on Octopus server are expiring and we need to replace them new certificates which are already imported. Could you please guide what we need to do bind new certificates.

is this the right way to do:-

Any other things we need to do on tentacle side or on Octopus Server.

Thanks
Sunil Bindra

Hi Sunil,

Thanks for reaching out.

You can do it with the command line you’ve linked if you prefer, but it may be easier to do it with the octopus server manager. You would need to click change bindings in the upper left, then remove the old https entries and re-add them and select the appropriate certificate. I’ve attached a gif showing this below. Please keep in mind this will restart your Octopus service.

image

Please let me know if the CLI or the manager option works for you.

Thanks,
Jeremy

Hi Jermy
Thanks for the answer. After updating we are getting error while creating the release in all teh projects where we are using project ID rather than Name. Is it something we need to chnage at TFS side as well.
Erro:-

Handshake successful. Octopus version: 2018.9.7; API version: 3.0.0
2020-09-17T12:59:08.4344535Z Authenticated as: TFS Build Server (a service account)
2020-09-17T12:59:08.4657020Z Found environments:
2020-09-17T12:59:08.4813278Z This Octopus Server supports channels
2020-09-17T12:59:08.5907072Z Cannot find the project with name or id ‘Error: unable to get local issuer certificate’. Please check the spelling and that you have permissions to view it. Please use Configuration > Test Permissions to confirm.
2020-09-17T12:59:08.5907072Z This error is most likely occurring while executing octo as part of an automated build process. The following doc is recommended to get some tips on how to troubleshoot this: https://g.octopushq.com/OctoexeTroubleshooting
2020-09-17T12:59:08.5907072Z Exit code: -1
Thanks

Hi,

Can you please confirm that the new certificate is trusted? In the meantime, if you are blocked you should be able to use the ignore SSL errors option to get around it.

image

Please let me know.

Thanks,
Jeremy

Hi Jeremy

I tried above “Checking Ignore SSL”. Also tried generating new API Key and use that in TFS. I am also getting error while pushing.
Requesting signature for delta compression from the server for upload of a package with id ‘AttributionService’ and version ‘0.1.0-jmoscrop-144963-0001+146266’
2020-09-17T17:08:51.5463158Z Calculating delta
2020-09-17T17:08:52.4056848Z The delta file (7,965,636 bytes) is 42.76% the size of the original file (18,628,949 bytes), uploading…
2020-09-17T17:08:52.5150595Z Something went wrong while performing a delta transfer:
2020-09-17T17:08:52.5150595Z Falling back to pushing the complete package to the server
2020-09-17T17:08:52.7181858Z
2020-09-17T17:08:52.7181858Z Error from Octopus Server (HTTP 500 InternalServerError)

And Yes the certificate is internal CA that is trusted on all desktop and servers.

Thanks

Hi,

Can you please check the Octopus Server logs for the corresponding information and paste it here?

Thanks,
Jeremy

Thanks jeremy

Sorry I didnt have acces to the logs, so thats why it took time. But i manage to resolve the issue.

  1. Octopus server ran out of space, so fixed that.
  2. And I need to generate new API key from Octopus and update again in TFS, this resolve the issue.

Thanks for Your Help. really Appreciated

1 Like

Hi Sunil,

You’re very welcome. No worries on the delay, I’m glad to hear you got it going and thank you for the update and the resolution.

I hope you have a great weekend.

Thanks,
Jeremy