Step template Defaults

Is there any way to set environment defaults for Octopus Deploy steps (and subsettings)?

Specifically I would like to set the default for Binding (https) Server Name Indication -> Required = TRUE instead of the default of False.

We had an issue with a production deployment were we missed setting this value and it messed up a different site by applying the certificate to 2 sites that were unrelated.

Not sure it that’s specifically an Octopus problem but the setting defaults for our environment would be awesome.

Hi Paul,

Thanks for getting in touch. If we understand your question we believe Custom Step Templates would offer what you’re after, have you discovered them and had a try yet?

Have a look at our docs on those, here’s a link to the parameters section where you can set a default value

Let us know how you go, with more details if you’re still looking for a solution.


Yes, I have looked at Custom Templates, but no that will not be sufficient for what we are trying to achieve.

That’s a lot of re-engineering of something that already exists within Octopus and then the ongoing maintenance of those templates if changes are made.

All I was hoping for is that we could look at some system defaults inside octopus itself for Octopus supplied templates. That could be as simple as a series of XML/JSON files that are put into a particular directory on the Octopus Server(s) or it could be as sophisticated as you guys build a UI that sits over them.

In this specific case, if it’s an IIS deployment and we configure a binding and that binding is HTTPS… I would like “Server name identification” Required Default to TRUE instead of the current default of FALSE.

Hi Paul,

We had a chat about this, the only way to achieve what you’re after is to use Custom Step Templates.

To address your re-engineering effort concern if you have a lot of projects to manage you can do this change using the API, we have some examples in this repository:

Also if it’s not clear you can base your step on the IIS base template, so the creation of your custom step shouldn’t be a lot of effort, it will just be the default change you’re after.


Hi Nick,

So I made a copy of the IIS WebSite, but that still doesn’t let me customise the behaviour of the Add Binding. I have no option to customise how the defaults inside each binding.

If you can give me a link/export that allows me to customise that my problem will be solved, but right now I still would endup with the Default behaviour of when someone specifies HTTPS binding, that they forget to turn on SNI.

We are 60 projects into about 150 projects that are being converted from a home baked deployment process and I just want to make sure that everyone gets the SNI right. I know we can review but i’d prefer prevent issues by making the defaults more specific for our environment.

IIS::Binding::HTTPS::SNI = true

Hi Paul,

That’s right, Octopus doesn’t have a way to customize the behavior of existing steps. If you use a Custom Step Template you’re moving towards something more rigid but with the benefit of tighter control and default values.

If you make a Custom Step Template that is based on the “Deploy to IIS” step you can set up 1 or a handful of bindings for the consumers of the step template to use

Then when the step users make use of it in their projects, they will supply values to the step template via the parameter input, and you can be sure the SNI is set to true, on the binding(s) you let them have on the step.

Will this approach work for you? It takes away some control but gives you guarantees of similar/correct configuration.


I guess we’ll just have to put some other form of validation around our projects.

It’s such a shame that we can’t figure out some way to be able to customise the behaviour/default of the Add Binding because that’s all we need.

Hi Paul,

I appreciate the request is pretty straight forward, but unfortunately we just don’t have a global way to override the defaults in the steps that ship with Octopus Deploy with in the exact way you want.

If you know for a fact that SNI should always be turned on for HTTPS bindings, you can some code that runs periodically that either reports on when it’s not, or even just turns it on. This regular piece of code would need to loop over all projects, and inspect their deployment process looking for bindings. I completely appreciate it’s not trivial, and it’s something else to maintain, if you do try this, and get stuck with the code please drop us a line and we can help out.

How many project maintainers do you have? Can you tackle this by reaching out to them to remind them to make it part of their project management process to be on the look out for value chosen for SNI?


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.