Polling tentacle can't find the Private Key

mbartongawryn · 1 August 2017 19:34

Our polling tentacle can’t seem to find the Private Key? That doesn’t make sense because I’ve checked MMC Certs that the LocalMachine certificate’s private key for the out of box cert is available. I’ve also verified that TLS 1.2 is enabled on both serves.

2017-08-01 13:07:54.5797      1  INFO  Starting Octopus Deploy: Tentacle version 3.15.0 (3.15.0+Branch.master.Sha.24e0a51de967e75040021715b1cdb6a836a6a10e) instance Tentacle
2017-08-01 13:07:54.5797      1  INFO  Environment Information:
  OperatingSystem: Microsoft Windows NT 6.1.7601 Service Pack 1
  OsBitVersion: x64
  Is64BitProcess: True
  CurrentUser: NT AUTHORITY\SYSTEM
  MachineName: DNCO-VBUAT01
  ProcessorCount: 4
  CurrentDirectory: C:\Windows\system32
  TempDirectory: C:\Windows\TEMP\
  HostProcessName: Tentacle
2017-08-01 13:07:54.7045      7  INFO  ==== RunAgentCommand ====
2017-08-01 13:07:55.2505      7  WARN  The X509 certificate CN=Octopus Tentacle was loaded but the private key was not loaded.
Furthermore, the private key file could not be located: Unable to obtain private key file name
2017-08-01 13:07:58.0897      7  INFO  Agent will trust Octopus servers with the thumbprint: 39CDD40724EAF124BAE6C132398DBECAE728FC08
2017-08-01 13:07:58.1053      7  INFO  Agent will poll Octopus server at https://*******.com:10943/ for subscription poll://*************bcx/ expecting thumbprint 39CDD40724EAF124BAE6C132398DBECAE728FC08
2017-08-01 13:07:58.1053      7  INFO  Agent will not use a proxy server
2017-08-01 13:07:58.1209      7  INFO  Agent will not listen on any TCP ports
2017-08-01 13:07:58.1209      7  INFO  The Windows Service has started
2017-08-01 13:07:58.2301      8  INFO  https://**********:10943/    8  Opening a new connection
2017-08-01 13:07:58.2613      8  INFO  https://**********:10943/    8  Performing TLS handshake
2017-08-01 13:07:58.3549      8  INFO  https://**********:10943/    8  Authentication failed while setting up connection to https://**************:10943/
System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> System.ComponentModel.Win32Exception: The Local Security Authority cannot be contacted
   --- End of inner exception stack trace ---
   at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result)
   at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Halibut.Transport.SecureClient.EstablishNewConnection()
   at Halibut.Transport.SecureClient.ExecuteTransaction(Action`1 protocolHandler)

John_Simons · 2 August 2017 02:23

Hi,

Is this a new Tentacle installation ?
What version of Tentacle and Octopus Server are you running ?

You can try to re-generate the certificate (https://octopus.com/docs/api-and-integration/tentacle.exe-command-line/new-certificate), or the simple way is to uninistall the tentacle and install it again (this creates a new certificate).

Cheers
John