Tentacle responding with wrong Certificate

I have just installed a tentacle, and I have verified that I can connect to the machine by using the TentaclePing utility, and by browsing to the address of the server, however, when I check the health of the tentacle it says:

The server presented an unexpected security certificate. We expected the server to present a certificate with the thumbprint ‘F6BD1489ED430A896F285115121D00EDF630A40A’. Instead, it presented a certificate with a thumbprint of ‘119F8777393D9C3577E6E2A7BBC5715D71ABC0E0’.

The tentacle tells me that its thumbprint is F6BD1489ED430A896F285115121D00EDF630A40A, but when queried by the Octopus server, it appears to be responding with 119F8777393D9C3577E6E2A7BBC5715D71ABC0E0

Hi Phil,

Thank you for getting in touch.

Is this a polling or listening tentacle. In the context of the certificate exchange, who is the client and who is the server depends on which side initiates the connection.

Could you please check the following:

  1. What the Octopus Server thinks it’s thumbprint is, this is found in the Web UI under Configuration -> Certificates
  2. What the Tentacle thinks it’s thumbprint is, this is found in the Tentacle Manager on the main screen
  3. What thumbprint the Tentacle is trusting, this is on the same screen as 2). I should match 1).
  4. What thumbprint the server is expecting (on the tentacle details page in the Web UI) , it should match 2)

If all that matches, also check the tentacle.config file in the tentacle data directory (usually C:\Octopus). It contains both the Tentacle Thumbprint and the thumbprints of the server(s) it trusts. It may be an issue that there are multiple trusted servers.

Finally if it’s still not working, please send me the log files from both the server and tentacle.

Hope that helps,

Robert W