Certs Management in linux Env Deployments

(SRINIVAS NAMILLA) #1

HI Team,

I know Octopus supports well for Certs Management/deployment in Windows world.

How does Octopus work with Certs Management in linux env deployments. i didnt find any documention on it.

(Michael Richardson) #3

Hi,

You’re correct, some of the certificate integrations are Windows-specific (e.g. Importing into the Windows certificate store, IIS bindings). But others will work on Windows or Linux. e.g:

You can also use certificates in script steps. When you add a certificate variable to your project, Octopus makes available the properties of the certificate during the deployment. This opens up using certificates for just about anything.

Can I ask, how were you hoping to use certificates?

(SRINIVAS NAMILLA) #4

HI,

We are going to deploy application into apache and wondering if there is an easy way to get the new deployed version pointed to apache web root like in windows octopus automatically binds latest deployed package into IIS and perform bindings and assign certs etc…

can we do same in linux as well? how?

(Michael Richardson) #5

There is no built-in step for Apache, like there is for IIS.

The approach would be to create a Run a Script step, and script the integration yourself. In the step you will have access to any certificate variables in the project. This blog post gives an example of using certificate variables in a custom script.

Based on this page, it seems you need the write the certificate and key to separate files containing the PEM representations. So if you had a certificate named AcmeTls, the variables AcmeTls.CertificatePem and Acme.PrivateKeyPem would contain the PEM representations of the certificate and private-key respectively.

I hope that helps!