Octopus Deploy docker container SSL support

Is there any update on the “coming soon” container SSL support for Octopus Deploy Server?

https://help.octopus.com/t/octopus-deploy-docker-container-ssl-support/23937

Hi Pete

At this point, we dont have any further updates on this, as it gets somewhat complicated to make an easy to use solution.

As per the other ticket, you can put it behind a reverse proxy, or even build your own container image on top of ours - docker is great for layering images on top of another.

We are investing in our docker containers at the moment, but our focus is on linux containers right now rather than this kind of change.

Hope that helps!

Regards,
Matt

Hi Matt

I am able to run the Octopus Deploy Server as a Docker container on Windows on an AWS EC2 instance. Using the Application Load Balancer (ALB) I’m able to use SSL to the ALB.

However I get an SSL error when trying to connect a polling tentacle via the ALB, it works fine however if the I connect via the EC2 DNS - however as this is dynamic I don’t want to do this…

Do you have any recommendation for connecting a polling tentacle via a ALB?

Also are there plans for proxy server support for tentacles for example using ZScaler appears to use HTTPS (to the tentacle) instead of HTTPS over HTTP - is that supported? I’m not using a proxy at the moment but can see that being my next challenge…

Thanks, Pete

Hi @pete1

I’m taking over from Matt as he has cycled off onto some other work.

With the ALB I believe the issue is SSL termination. We require that communications from Tentacle to Server (or Server <> Tentacle) maintain encryption end to end, and from the research I’ve done your ALB will be terminating the connection. As far as I know it’s not possible to configure ALB’s to allow for SSL pass-through, although I’m not 100% on that.

It’s a little outside my area but it appears that NLB’s may allow for what you need, it also may be possible to export and import our certificate to re-encrypt the connection with our certificate, I haven’t personally done that however. This bit of doco may help.

As for proxy support in Tentacle, the answer to your question is not at this point. You can see our documentation page on proxies here.

Hope that helps,

Regards,
Alex