Importing a Certificate to Octopus Certificate Store

operations

(Mohamed Cassim) #1

We are using Lets Encrypt certificates for our sites.
This means that the certificates will need to be renewed periodically.
I see that the Octopus Certificate store does not currently work with Lets Encrypt
We could re-request a Lets Encrypt certificate for each deployment via the community step - but this will mean if we do a lot of deployments we will reach our lets encrypt api limits.
What would be better if we could automatically import the certificate to Octopus Certificate Store and deploy it from there.
The only way this will work is if we write a external script to periodically renew the certificates and import them via api to Octopus.
However I can’t see api methods for adding a certificate to the certificate store on Octopus as per this documentation https://github.com/OctopusDeploy/OctopusDeploy-Api/wiki/Certificates.

Is there an api method we can use and if not what other options are available to us to achieve this?


(Lawrence Wilson) #3

Hi,
Thanks for getting in touch! I’m sorry for the long delay in getting back to you on this one. In this case one option could be to use octopus.clients to install your certificate into Octopus.

Here is a link to an example script which would take care of getting the cert into Octopus via the API using Octpous.Clients.

One other piece of onfirmation which might help here is our documentation on swagger. Under the swagger UI, you should be able to drill down to the certificiates section to see a list of the available API endpoints.

You could even use our recurring deployments feature to take care of renewing your lets encrypt certificates as well!

I look forward to hearing if this documentation is helpful to you, and please feel free to keep in touch if you would like any other information.

Kind regards,
Lawrence.