Need to share certificate for tentacle on two servers

We have an odd scenario at the moment. We are using SQL Server High Availability in production. Our Octopus installation package needs to run on whatever server is the current primary. The good news is there is a dns name that always points at the current master. Therefore, we could point the Octopus server at that name. However, this only works if both tentacles have the same certificate. How do we get the tentacles to have the same certificate (and thumbprint)?

Hi Tom,

Thanks for getting in touch! This can be done by setting creating a certificate on one machine:

tentacle.exe new-certificate -e MyFile.txt

Now on both machines:

tentacle.exe import-certificate -f MyFile.txt

You’ll also need to make sure both machines have the same SQUID. You can do this by editing the Tentacle configuration file, which is usually at:


In that file you’ll find a line like this:

<set key="Octopus.Communications.Squid">SQ-STOVELLMAC-61CDF77Z</set>

You’ll need to ensure that these lines match on both machines.

That said, this isn’t a scenario we test Octopus with - in general it might be best to run Tentacle on a different, non-clustered server and have it execute the SQL commands remotely. Would this be possible?