Hi,
most of Octopus project variables are versioned, but certificate object passed as variable not. What to do in case when certificate is incorrect, and application need to be redeploy in order to resume operations? Certificate is still in archive and can be still valid, but cannot be used anymore.
Maybe certificates should be also versioned ? Now, even if We have some other test environments, redeploy in production is little stressful.
In Release “snapshots”, any variables that reference certificates do not contain the full certificate, they use the Octopus “Certificate-Id”, which points to the certificate. This is by design in order to preserve the functionality of Release in the event a certificate has been updated due to expiry.
In this case, you will likely need to replace the certificate in question with the one you need for the deployment:
Hi @donny.bell,
thanks for your quick response.
Indeed I can replace once again. But previous certificate is still in Octopus and is valid - in archive. We make certification replacement, due to certification expiration - but my concern is that the new certificate may have an issue, and break app deployment. Why Octopus simply not allow to bring back certification from archive ? Why I need replace older certificate once again in order to make rollback ?
Unfortunately, what you are asking for is not possible in Octopus as this functionality was designed specifically to work in this way.
The only workaround is to replace the certificate temporarily as I detailed above.
If you believe we are lacking functionality in this area and would like to see this changed, we have a new “Roadmap” section of our website with a dedicated “Submit Idea” button to send your suggestions to our Development Team.
If you have any additional questions, please don’t hesitate to reach out.