Automation of Certificate Uploads

Chris B's Avatar

Chris B

13 Apr, 2017 09:32 AM

Hi,

I'm trying to write a powershell script to upload a certificate into Octopus.This will be useful because we've got a large number of certs to upload and when they expire I need to enforce that the old certificate is replaced and that a new one is not just uploaded alongside it.
I can't get this to work. The same pfx/password combination upload fine through the Octopus UI.

$Name = "Test Cert Upload"
$certificateData = Get-Content "<pfx path>" -Encoding Byte
$password = '***'
$sspassword = ConvertTo-SecureString $password -AsPlainText -Force
$certDataBase64 = [System.Convert]::ToBase64String($CertificateData)
$_cert = new-object Octopus.Client.Model.CertificateResource( $Name , $certDataBase64 , $sspassword )
$repository.Certificates.Create( $_cert )

It's causing an error:
 Exception calling "Create" with "1" argument(s): "There was a problem with your request.
 - Incorrect password (otherwise possible corrupt file)

Cheers,

Chris

  1. Support Staff 1 Posted by Matt Richardson on 18 Apr, 2017 12:24 AM

    Matt Richardson's Avatar

    Hi Chris,

    Thanks for getting in touch!

    By the look of it, the password to pass to the CertificateResource constructor is a normal string, not a SecureString.

    So, you should be able to get it to work with:

    $Name = "Test Cert Upload"
    $certificateData = Get-Content "" -Encoding Byte $password = '***'
    $certDataBase64 = [System.Convert]::ToBase64String($CertificateData)
    $_cert = new-object Octopus.Client.Model.CertificateResource( $Name , $certDataBase64 , $password )
    $repository.Certificates.Create( $_cert )
    

    Hope that helps!

    Regards,
    Matt

  2. 2 Posted by Chris B on 19 May, 2017 09:45 AM

    Chris B's Avatar

    Hi,
    I've resolved this now, the problem was some of our certificates were exported from Windows Server 2003 and these are the ones causing an error on uploading to Octopus. I've reexported the problem certs from Windows Server 2012 and it all works now.

    I was going to send you a dummy certificate from Windows Server 2003 so you could test and improve your error message, but unfortunately I don't have access to the server involved.

    Thanks,

    Chris

  3. 3 Posted by Chris B on 19 May, 2017 09:48 AM

    Chris B's Avatar

    Whoops - that previous reply should have been on another problem I've raised 'Error loading certificate pfx files through Octopus UI and .net method'

  4. Support Staff 4 Posted by Matt Richardson on 21 May, 2017 11:25 PM

    Matt Richardson's Avatar

    Hi Chris

    No worries, I've moved the response to the other ticket - http://help.octopusdeploy.com/discussions/problems/54364-error-load...

    Regards,
    Matt

Reply to this discussion

Internal reply

Formatting help / Preview (switch to plain text) No formatting (switch to Markdown)

Attaching KB article:

»

Attached Files

You can attach files up to 10MB

If you don't have an account yet, we need to confirm you're human and not a machine trying to post spam.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac