Script works under Script Console, but not as a Step Template

I am trying to write a step template for binding a SSL certificate to an application (self hosted owin).

This script works when executed under Octopus’s Script Console

using System.Diagnostics;

var url = "0.0.0.0:443";
var cert = "df197c1f658f0f6daccccc6c4a97356a6a3e6151c7";
var app = "c04dbe3a-0d58-4c22-9da8-63af7ec427fa";

try
{
    Console.WriteLine("Deleting existing binding...");
    
    var add = Process.Start(new ProcessStartInfo
    {
        FileName = "netsh",
        Arguments = "http delete sslcert ipport=" + url,
        RedirectStandardOutput = true,
        UseShellExecute = false
    });
    
    add.WaitForExit();
    
    if (add.ExitCode != 0)
        Console.WriteLine(add.StandardOutput.ReadToEnd());
}
catch (Exception) {
}

Console.WriteLine("Creating new binding for cert: {0}, app: {1}", cert, app);

var add = Process.Start(new ProcessStartInfo
{
    FileName = "netsh",
    Arguments = string.Format(
        "http add sslcert ipport={0} certhash={1} appid={{{2}}}",
        url,
        cert,
        app
    ),
    RedirectStandardOutput = true,
    UseShellExecute = false
});

add.WaitForExit();

if (add.ExitCode != 0)
{
    Console.WriteLine(add.StandardOutput.ReadToEnd());
    throw new InvalidOperationException();
}

However, when it is added as a Step Template (completely verbaitem, hardcoded app and cert variables, rather than from parameters), I get the following error:

Deleting existing binding...
SSL Certificate deletion failed, Error: 2
The system cannot find the file specified.
Creating new binding for cert: df197c1f658f0f6daccccc6c4a97356a6a3e6151c7, app: c04dbe3a-0d58-4c22-9da8-63af7ec427fa
SSL Certificate add failed, Error: 1312
A specified logon session does not exist. It may already have been terminated.
ERROR: Script execution failed. [InvalidOperationException] Operation is not valid due to the current state of the object.
The remote script failed with exit code 1

If it makes any odds, I am targeting a Windows Server 2012 R2 machine.

I have been trying all kinds of different things, but am at a loss now - do you have any idea what might be causing this?

Hi Andrew,

Could you try and run the script within a Script Step within the project, this should hopefully help us figure out if it’s a step template limitation or if there is something else at play here.

Thank you and best regards,
Henrik

Morning Henrik,

It works fine under a Script Step.

Thanks,
Andy

Hi Andy,

Thanks for the reply.

It looks like there might be a bug here, could you try to add the certstorename= parameter to your netsh call with the appropriate certstore name where the cert is installed and see if that works in a step template? I will try and replicate the issue locally and raise a bug to have it fixed in a future release.

Thanks,
Henrik

Hi Henrik,

It worked once I added the certstorename=My (the certificate is in the Machine’s My store).

However…I undid that change to the step template and re-ran it…and that worked too, which is even more confusing.

Thanks again,
Andy.

Hi Andrew,

That’s strange, but good to hear that you got it working. If it crops up again, let us know and we will investigate this issue futher.

Thank you,
Henrik