Where can I find the SSL Thumbprint for an HTTPS binding? We have a hex value for the field “Thumbprint” in the certificate’s details page, but when I put that in to Octopus Deploy and deployed, I got the message:
Could not find certificate under Cert:\LocalMachine with thumbprint HEX THUMBPRINT. Make sure that the certificat
e is installed to the Local Machine context and that the private key is availab
thumbprint $sslCertificateThumbprint. Make sure that the certificate is instal
led to the Local Machine context and that the private key is available."
+ CategoryInfo : OperationStopped: (Could not find …y is availa
ble.:String) , RuntimeException
+ FullyQualifiedErrorId : Could not find certificate under Cert:\LocalMach
ine with thumbprint HEX THUMBPRINT
19 96. Make sure that the certificate is installed to the Local Machine co
ntext and that the private key is available.
I also tried putting in the value for the SSL Certificate and got the same message. Which exact field in IIS goes in the IIS Thumbprint field under process in Octopus Deploy?
Yes, this is the thumbprint that you need to use. Which version of Octopus are you using? The certificates dialog in Windows is notorious for putting extra whitespace around the thumbprint, including a hidden whitespace character at the front of the thumprint. So if the thumbprint looks like:
<hidden whitspace>AB 27 CC 14 78...
You need to delete the hidden whitespace (copy and paste it to notepad, put your caret before the first character, hit backspace a few times), and all the spaces in between so that you are left with:
Also, the certificate that you are looking at needs to be in the Local Machine certificate store rather than a user-specific store (so that IIS can find it).
Thank you so much for getting back with me so quickly. I did have whitespace in my thumbprint. I deleted the whitespace and it was able to locate the certificate.
Is this something that is now in the documentation? If so can you supply a link?
Works well for me now that I found this thread.
It’s something we try to trim out and manage without needing extra documentation. If you pasted the thumbprint into the UI and still had the issue we may have not be trimming the whitespace in all instances (which is annoying!).
I’ll investigate and if I can repro I’ll log a bug to fix.
It looks like he’s using a variable $sslCertificateThumbprint rather than pasting the thumbprint directly in, where it would have been trimmed. Could that be why?
Good pickup James!
I’ll see if I can repro that.
Removing all the white spaces from the Thumbprint solved my issue.
I had the same issue, thanks!
I’ve made sure that my certificate’s thumbprint has no spaces (in between or at the beginning). I also checked that my certificate is configured under Local Computer (and not User-specific account) but still no luck.
I’m using Octopus 22.214.171.1248 and get the following same error message from above user-
Finding SSL certificate with thumbprint 00cd1d9c583f9
Could not find certificate under Cert:\LocalMachine with thumbprint
00cd1d9c583f9cc69c6b55f8990e8738fd. Make sure that the certificate is
installed to the Local Machine context and that the private key is available.
What else could be wrong? Am I missing something? Thanks
Are you putting the cert thumbprint in the binding dialog directly or using a variable ?
I’ve tried both. I was using variables initially, then I switched to setting the value straight in the dialog.
Would there be a way to skip IIS binding setup at all? My app creates a subdomain for each client and I don’t fancy updating this deployment step every time I have to setup a new client.