Octopus Managers Self Signed Certificate creation does not create a certificate suitable for modern browser requirements and Octopus Deploy

[danefalvo]

Team

• [X] I've assigned a team label to this issue

Severity

Not blocking

Version

Latest and many previous versions

Latest Version

No response

What happened?

Octopus Manager provides an option to Generate a self-signed certificate when adding secure bindings.

The Self-signed certificate Generated does not meet the requirements to be considered a secure certificate when "trusted" when added to the Trusted Certificate Store.

Reproduction

1. On a working Octopus Deploy instance, bind your instance to a secure http URI.
2. Choose the option to generate a Secure self-signed certificate
3. Install the Self-Signed Certificate in either your Personal Certificates or in the Trusted Certificate Authorities.
4. Open the instance in your browser and note that the browser still maintains that the connection is insecure as there is a certificate error.

A working certificate command is provided in the Workaround section.

Error and Stacktrace

No response

More Information

No response

Workaround

A command that generates a suitable SSL certificate:

New-SelfSignedCertificate -DnsName "octo.domain.local" -CertStoreLocation "cert:\LocalMachine\My" -Provider "Microsoft Software Key Storage Provider" -HashAlgorithm sha256