My team works in a tenanted environment and we have roughly 100 tenants spread over several pods of servers. We often deploy third party certificates for various tenants and are trying to find an easier way to deploy the certificates. At the moment we are using the Import Certificate tool Octopus has, but it feels rather clunky/clicky (i.e. upload the cert to Octopus library, create the certificate variable, schedule the release and searching for the right cert, etc.)
Curious if there is any way to simply enter the certificate library, select a certificate, select an environment (CERT, PROD, DR) to deploy to and schedule the deployment. It feels like I have to go to too many different places and click through too many drop downs before I can get it to deploy.
Thank you for contacting us with your question. I can see that having to follow this process repeatedly would become tiresome!
Unfortunately, I can’t think of any way to significantly reduce the burden directly through the UI, but one of the benefits of Octopus being API-first is that you have full access to run scripts against the same API the UI uses. Using Powershell, C# or whatever language you prefer, you can create a script that will take a certificate file and automate all the actions of uploading the certificate, adding a variable, creating a release and then a deployment.
Your Octopus Server provides a Swagger UI with API documentation, and you can read more about this in our documentation on the Octopus REST API. I usually find the easiest way to determine the API calls required is to use your browser’s developer tools to view the requests the Octopus UI makes while you perform the steps you would normally use to deploy a certificate.
You can also use our C#-based Octopus.Client (documentation here) which greatly simplifies using the REST API.
I’m sorry there isn’t a simpler way, but I hope this information is helpful. Let me know if you decide to go the scripting route, and if I can assist in any way!