I can do every thing spelled out in the installation instructions except for the install of the new certificate.
Can you provide a means to allow this to take place.
This is an exact capture of what happens when I’m running this from a session from my machine (enterpssession)
[Server.mydomain.com]: PS C:\Program Files\Octopus Deploy\Tentacle> .\Tentacle.exe new-certificate --instance=“Tentacle” --console
Octopus Deploy: Tentacle version 2.0.13.1100
A fatal exception occurred
System.IO.FileNotFoundException: Could not load file or assembly ‘Octopus.Shared.XmlSerializers’ or one of its dependencies. The system cannot find the file specified.
File name: 'Octopus.Shared.XmlSerializers’
at System.Reflection.RuntimeAssembly._nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, RuntimeAssembly locationHint, StackCrawlMark& stackMark, IntPtr pPrivHostBinder, Boolean throwOnFileNotFound, Boolean forIntrospection, Boolean suppressSecur
ityChecks)
at System.Reflection.RuntimeAssembly.LoadWithPartialNameInternal(AssemblyName an, Evidence securityEvidence, StackCrawlMark& stackMark)
at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
at Octopus.Shared.Security.CertificateGenerator.Generate(String fullName, Boolean exportable) in c:\TeamCity\buildAgent\work\1116bd9da9e239fd\source\Octopus.Shared\Security\CertificateGenerator.cs:line 27
at Octopus.Shared.Configuration.TentacleConfiguration.GenerateNewCertificate() in c:\TeamCity\buildAgent\work\1116bd9da9e239fd\source\Octopus.Shared\Configuration\TentacleConfiguration.cs:line 158
at Octopus.Tentacle.Commands.NewCertificateCommand.Start() in c:\TeamCity\buildAgent\work\1116bd9da9e239fd\source\Octopus.Tentacle\Commands\NewCertificateCommand.cs:line 35
at Octopus.Shared.Startup.ConsoleHost.Run(Action`1 start, Action shutdown) in c:\TeamCity\buildAgent\work\1116bd9da9e239fd\source\Octopus.Shared\Startup\ConsoleHost.cs:line 36
Hi Thom,
Unfortunately PS Remoting by default runs without a user profile, which is necessary when generating certificates.
There’s some information here about using profiles with powershell remoting: http://stackoverflow.com/questions/2985032/powershell-remoting-profiles
Paul
We actually had luck invoking the “Start-Process” cmdlet through a remote session and using the “-Loaduserprofile” switch parameter that Start-Process has. Here is an example:
$session = New-Pssession -computername (use -Credential if you need to specify creds)
Invoke-Command -Session $sesssion -ScriptBlock {Start-Process -FilePath “D:\Program Files\Octopus Deploy\Tentacle\Tentacle.exe” -ArgumentList ‘new-certificate --instance “Tentacle” --if-blank --console’ -LoadUserProfile}
This worked successfully for us.
P.S. I am working on a Powershell module right now to help manage Octopus tentacles.
Hi Jim,
Thanks for your post, its an interesting parameter that I was not aware of. Hopefully that helps out other users if they come along with the same requirements.
Cheers,
Robert
I’ve also been struggling with this, but could not get the powershell method to work at all (even creating a session first). Fix for me was to use psexec with -h and -i to give both elevated permissions and allow it to interact with the desktop. Bit of a pain and would be great to see the deployment of Tentacles improved.
Hello,
Update: After posting what seemed to be a successful way to run the --new-certifacte remotely through Start-Process, we have begun to see this to be inconsistent. I do not currently have an explanation as to why we are not seeing it work consistently but what I have now done to get around this is:
Create the cert using “–new-certificate” on my workstation.
Copying the .txt file to a share location
Accessing the share location from the server and importing the cert using “–import-certificate”.
So far this has worked reliably and consistently but I am not crazy about the work around, unfortunately that is the only way I have gotten this to work remotely. Once I finalize the code I can share it.