I’m trying to create a java keystore from a stored certificate variable, inspired by https://octopus.com/blog/wildfly-https
- my certificates will have only public keys, so I chose to export as the default - a DER encoded binary X.509 (.CER)
- I wish to avoid installing open-ssl on our servers (either the Octopus server or deployment target servers) - so wish to “re-hydrate” the certificate in it’s original form and import this into a keystore (not build another certificate as does the blog post)
I imported the certificate, and can export the certificate, however I am trying to “dump” it in a powershell script step using the following line
set-content $OctopusParameters[“dummy.Certificate”] -path c:\dummy.cer -encoding Byte
This fails with the error, set-content : Cannot proceed with byte encoding. When using byte encoding the content must be of type byte.
When I view the certificate in notepad++ it’s definitely a binary file.
When I export the certificate in original, and in binary form (DER - Binary DER encoded.), it’s the same as the file I uploaded (binary compare is identical). The first bytes of the file are “30 82 05” - checking here https://en.wikipedia.org/wiki/List_of_file_signatures - suggests this is a “DER encoded x.509 certificate”
I don’t know that much about encoding ? Can you tell me how to match the format I import the certificate with, with the required output encoding ?
Or is this just something to do with using Octopus variables in powershell and I need to convert it back from some kind of string to binary again - something like
$decoded = [System.Convert]::FromBase64CharArray($e, 0, $e.Length)
$decoded | Set-Content dummy.cer -Encoding Byte
Help appreciated !