I have a project variable that is of type certificate. I scope the certificate value to specific machines for their usage. If I execute an untenanted deployment of this project then I have no issues, however if I attempt to do a tenanted deployment of this project, I get an error about the tenant I am deploying to does not have access to the certificate from other tenants (in the same environment). However the deployment shouldn’t be utilizing the certificate for the machine not in the tenant I am attempting to deploy to.
This means that every deployment with this project variable has to be untenanted and always deploy to every tenant/machine. So in the case where I would need to update the certificate for a single machine, every machine in that environment has to have the project redeployed to.
Is this the intended behavior for Certificate variables+objects in Octopus Deploy?
I would prefer not to have to associate certificates to tenants where machines would not be using them, and that cross-over feels inappropriate due to the fact they are not in fact intended for the tenant not using it.
There is no option to associate a certificate object with just a machine either; environment, and tenant are the only associations possible.