Hi,
most of Octopus project variables are versioned, but certificate object passed as variable not. What to do in case when certificate is incorrect, and application need to be redeploy in order to resume operations? Certificate is still in archive and can be still valid, but cannot be used anymore.
Maybe certificates should be also versioned ? Now, even if We have some other test environments, redeploy in production is little stressful.
Best
Piotr
Hi @Piotr,
Thank you for contacting Octopus Support.
In Release “snapshots”, any variables that reference certificates do not contain the full certificate, they use the Octopus “Certificate-Id”, which points to the certificate. This is by design in order to preserve the functionality of Release in the event a certificate has been updated due to expiry.
In this case, you will likely need to replace the certificate in question with the one you need for the deployment:
If this is a one-off, you can simply repeat the process to change this back once the deployment is finished.
Hopefully that makes sense and provides you with a path forward. If you have any additional questions, please don’t hesitate to ask.
Best Regards,
Donny
Hi @donny.bell,
thanks for your quick response.
Indeed I can replace once again. But previous certificate is still in Octopus and is valid - in archive. We make certification replacement, due to certification expiration - but my concern is that the new certificate may have an issue, and break app deployment. Why Octopus simply not allow to bring back certification from archive ? Why I need replace older certificate once again in order to make rollback ?
Best regards,
Piotr
Hi @Piotr,
Thank you for getting back to me.
Unfortunately, what you are asking for is not possible in Octopus as this functionality was designed specifically to work in this way.
The only workaround is to replace the certificate temporarily as I detailed above.
If you believe we are lacking functionality in this area and would like to see this changed, we have a new “Roadmap” section of our website with a dedicated “Submit Idea” button to send your suggestions to our Development Team.
If you have any additional questions, please don’t hesitate to reach out.
Best Regards,
Donny
This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.
