PFX Certificate uploaded doesn't match what I can do in Powershell

I’ve uploaded a pfx certificate to Octopus.

The base64encoded version of this cert needs to be embedded in a manifest file to deploy to a target env. (outside the scope of this discussion.)

In powershell I can run:
[System.Convert]::toBase64String($(Get-Content .\cert.pfx -Encoding Byte)) and get a very long encoded string. I guess this is the encryption of both private and public keys.

Most everything I do in octopus resolves to the Base64Encryption of what I presume is only the Public key.
$OctopusVariables[“Certificate.pfx”] also resolves to a differing string. I don’t know why

Any assistance here would be appreciated.

Hi Mark,
When you run [System.Convert]::toBase64String($(Get-Content .\cert.pfx -Encoding Byte)) in PowerShell, this will give you the base64 encoded version of the encrypted cert.pfx file, as they are usually password protected.
The equivalent of this in terms of an Octopus variable would be $OctopusParameters["Certificate.RawOriginal"].

when using $OctopusParameters[“Certificate.pfx”] this would be the certificate in PKCS#12 format including the private key.

We also have a docs page here which explains the different variables accessible on the certificate.

I hope that helps, please let me know if you have any further questions.

Kind Regards,
Tom W

Thanks Tom,

Yes I’ve been through all the variables on that page.
Unfortunately in my testing those 2 (Base64 encoding on my local console, and the RawOriginal) are not equivalent.

I’ll continue via another option for now, thanks for the reply.


Hey Mark,

That’s really strange, I just setup a sample scenario to test it out before replying.
What version of Octopus are you currently using?

Kind Regards,
Tom W

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.