Could not verify the server's certificate

I am attempting to use the Web Deploy script from:!/step-template/actiontemplate-web-deploy-publish-website-(msdeploy)

When trying to deploy my application,. I get this exception due to an invalid certificate (which I cannot change):

Exception calling “SyncTo” with “4” argument(s): “Connected to the remote computer (“XXX.XXX.XXX.XXX”) using the specified process (“Web Management Service”), but could not verify the server’s certificate. If you trust the server, connect again and allow untrusted certificates.”

Unfortunately even if I use a patch to ignore cert errors (supposedly) and add this line to the script:

[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}

It still breaks, but this time with an even less useful error:

Exception calling “SyncTo” with “4” argument(s): "Could not connect to the remote computer (“XXX.XXX.XXX.XXX”). On the remote computer, make sure that Web Deploy is installed and that the required process (“Web Management Service”) is started.

Any ideas? This is very frustrating for something as straight forward as using web deploy to publish a web app.

I’m having this same issue. I’m able to deploy from VS2012 using the same web deployment path with no issues. As soon as I run the step template for web deploy from octopus, it fails with the same error the Jason.Black has come across.

Hi Ranjit and Jason,

Are you using the credentials from the publishing profile for the azure site ? (assuming you’re using azure)

Are you able to post a screenshot of your process configuration for the web deploy step ? (blank out anything sensitive if you need to).


I just ran into the same problem.
It is not hosted on Azure. I tried the [System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} fix as well. Got the same errors as Jason.Black.

I get the same error when using the MSDeploy (Web Deploy) template.
In my case, I am trying to deploy to an Azure website.

I get exactly the same 2 errors as with and without ServerCertificateValidationCallback = {$true} , although I’m not entirely certain where this line of code needs to be placed within the script.

Does the web deploy step execute on a Tentacle or on the Octopus deploy server?
MSDeploy is installed on the Tenticle machine but not on the Octopus deploy server.

What screenshots do you need to help resolve this?

I followed the guide here to setup the process step:

I have attached a screen shot of my step configuration, it looks the same as the image in the guide.

Looks ok.

This step will run on a tentacle, and for some reason the tentacle doesn’t trust the certificate that the azure publish url server has. Are your tentacle machines behind a proxy ? Have any cert trust issues in general ?

Can you do a command line web deploy from the tentacle machine ?


As it happens yes, we do have other issues with certificates.

I’ll bring it up with our network team.

In the meantime, is there a way to ignore an untrusted certificate?

I managed to fix the issue today.
Changes needed:

In de top of the file:
[System.Net.ServicePointManager]::ServerCertificateValidationCallback += { $true }

Replace computername:
$destBaseOptions.ComputerName = $publishUrl (not sure if this one is required)

Comment or delete the line:
#$destBaseOptions.AuthenticationType = “Basic”

After these changes my deployment worked!
In my template, I created a checkbox option ‘Ignore Certificate’ so I can turn these on or off.

Hope this helps you guys!