Automated Deploy with Octopus - Install Certificates

7/15/2020 Certificates Octopus CI/CD Sitecore

Here, I take the certificates loaded in the Library section of Octopus and install it to its correct store applying the permissions it needs to access and exchange thumbprints if it needs to

OMG look how many ppl have commented

If you have not already, please read the Intro of this Article series. Otherwise, this may seem rather vague and little confusing. I use this step template in every project of my automated deploy process. In fact, I used this template so much, I created my own step template based off the Import Certificate template provided by the Octopus public library.

For every project, I need to install the Root Certificate (mentioned in the intro article) to the Trusted Root Certification Authorities so all other certificates can be trusted. In this particular step template I created, I filled in the fields Certificate Variable to sitecoreRootCert, Store Location to LocalMachine, Store Name to Root, Private Key Exportable to true, and Private Key Access to #{applicaitonPoolUser} with FullControl.

For all other certificates, I set the Store Name to My.

For the XConnect Client Certificate, I added Local Service to Private Key Access in addition to #{applicationPoolUser}. This makes it possible for the XConnect Windows services to work (if they are registered under Local Service)