Automate New Tentacle Registration From Octopus Server, Not From Where The Tentacle Is Installed

So here’s the scenario. We have an Octopus server that is not listening for connections on a public IP address. I want to be able to spin up EC2 instances, install tentacle, etc. and then register the new instance with Octopus. I have the process of installing Tentacle on the EC2 instance worked out so that any new instance I create has the Tentacle service running and I can go through the Octopus GUI to add it to a role and environment. I want to automate that process but from the server side rather than the client side, since the EC2 instances are not able to connect to the Octopus server to register themselves. I’ve seen plenty of examples of how to do the registration from the box where the Tentacle service is running but is it possible to do it from the other side?

Hi @Brushwood,

Thanks for reaching out. You can use the API to do the exact same process you’d normally do from the web UI.

There’s an OSS project called Octoposh that could give you a hand here:

Project site:

Let me know if that works,

That gets me about 99% of the way there. The only part I am missing now is that I don’t have the tentacle cert thumbprint. In the GUI you don’t need to know this to register a tentacle. It is presented to you through the registration flow. Is there a way to connect to the tentacle and get it’s cert thumbprint to then use to register it?

Hi @Brushwood,

You are absolutely right. The Octopus portal hits the /discover endpoint to automagically get the Tentacle’s thumbprint remotely. I totally should have included that in the example to make the overall experience much nicer.

Thanks to your comment I’ve added it to the example (go back to the same link to see the changes), and I’ve also added a github issue to enhance this in Octoposh:

Let me know if the new example work.

Perfect. This works and I’m able to automate the whole process end-to-end. Thanks.