Question with certificate variables and their properties

Stephen_Burns · 11 September 2017 05:20

Hi,

I’m using Octopus Deploy 3.16.2

Based on the documentation at: https://octopus.com/docs/deploying-applications/variables/certificate-variables I’m using an Octopus “Certificate” variable in order to inject a certificate’s subject name into a .Net service’s web.config configuration.

Previously, the subject name was hard-coded e.g. as “MySubject” and the certificate could be retrieved by using the “FindBySubjectName” certificate finder.

Octopus is injecting the distinguished subject name i.e. “CN=MySubject” into the configuration. This entails updating the certificate finder wherever it’s used in code and the configuration. This would be fine if there were only one service to be updated and if I had control over all the other services.

Is there a way I can have Octopus inject just the subject i.e. “MySubject” into the configuration?

thank you,
Steve

Michael_Richardson · 12 September 2017 12:39

Hi Stephen,

You are correct, the value of the Subject variable is the full Distinguished Name.

I have added an issue to provide a CommonName variable, which will contain the value you wish.

For my curiosity, could you not use the FindBySubjectDistinguishedName FindType, rather than FindBySubject?

Regards,
Michael

Stephen_Burns · 12 September 2017 22:53

Hi Michael,

Thanks for your response. Yes, I’m using FindBySubjectDistinguishedName in the services I’m working on. However, we have many other services that will need to be updated so I was hoping there would be some way of making this change seamlessly i.e. an Octopus only configuration change.