I’m looking into using Octopus to start pushing our certificates to our servers instead of doing it via PowerShell.
I’d eventually like to make it where each project pushes its own certificates; but for now it needs to be something more global, where we push a new cert to all servers and grant permissions to IIS_IUSRS.
Ideally I’d like to be able to select the certificate at deploy time, so that I can have a project to deploy a new cert to all servers. However, it doesn’t look like that’s possible; there doesn’t seem to be a way to have a prompted certificate variable.
I could work around it by updating the variables each time we have a new cert to push out, but I’m hoping there’s something more straightforward that I’m missing. (We’re still on 2018.1.5, but I don’t see anything relevant in the release notes of later versions.)
Thanks for getting in touch. What you’ve described would be good, but there’s currently no feature that will do exactly that.
The closet idea we’ve got is using drop down control type on a text based prompted variable. This will mean you’re storing the certificate thumbprints.
Manually put in the certificate values (thumbprints) in the
thumbprint|label style, see screenshot.
Then at deployment time it’ll be a drop down list.
We have plans for a large project to bring in more consistency and capability across variables but we don’t have a timeline on when work will start on that yet - https://github.com/OctopusDeploy/Issues/issues/4390
Let us know how you go
Thanks for the reply. I don’t think that’s particularly useful in my case, since the cert I want to install will be constantly changing; seems easier to update a cert variable to the new cert, rather than updating the process each time.
But It’s good to know in case something applicable does come up. Thanks for the response!
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.