Add multiple SSL thumbprint in Octopus deploy step

Hi Guys,

I need to deploy a build on 4 different servers but all under same environment and their deployment target is also same.

Ex: web1, web2, web3, web4
These are my 4 servers and they have 4 different SSL certificates stored on their servers.

Is there any way to deploy the build and add a variable or something like that which first matches the SSL thumbprint and deploy the build accordingly to the environment.

I’ve tried to deploy the build, but just able to deploy on a single server whose thumbprint matching with that server, and build is failing on the rest of 3 servers.

Please suggest further. Thanks


Hi @atif.inayat!

Thanks for reaching out!

Just so I can get you the right answer here, I just wanted to clarify your scenario. Do you have 4 individual webservers that you’re deploying to, or 4 websites on one webserver? The only reason I ask is because you mention that the deployment target is the same.

Hi Justin,

Thanks for your response.

I’ve 4 different servers, the reason I am using single deployment target to finish it off in single deployment step, else I can create the 4 deployment steps with different environments targets and set the SSL thumbprint for each (this works).

I want to use the 4 HTTPS bindings (1 each for server) within single deployment step.

This should be possible in one of a couple of ways:

  1. Adding multiple roles to your targets and then using a scoped variable in your Step:

  2. Using the Tenants feature to do the same with Tenant Variables.

I hope this helps answer your question, and please let me know if there’s anything else I can assist you with.

I am not sure about the Tenants feature although option#1 is only useful when certificates are managed by Octopus, It doesn’t work for the externally managed certificates and in my case certificates are managed externally.

Anyways, separate build steps approach works for me :slight_smile:

Thanks for your help Justin.

Hi @atif.inayat

No problems at all - just as a small heads-up, you can use the same setup with externally managed certificates, just doing the variable containing the thumbprints of the external certificates, as opposed to the certificates themselves.

Have a great day!

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.