Deploying individual certs per site on iis using octopus
Currently i have several sites hosted on an iis environment, i made self-signed certificates, saved them on octopus, created scoped variables per environment, however, whenever i make a new release all certificates on the 443 bindings on all sites are changed,
Whenever i check the release output logs i see that the change is only applied to the site i want, so i think is it more related to the ssl iis plugin on octopus, how can i configure it so each deployment only affects the scoped site?
Turns out that this is a limitation of IIS, and in order to achieve this you need to require server name indication (which is a feature of iis 8+), the procedure goes like this:
on the "deploy an IIS Website step template, right on the bingings section, you can create https 443 bindings where you can specify a cert and check the "require sni" option, to automatically deploy certs per each virtual host.
- openssl how to check server name indication (SNI)
- How to I deploy nextjs application in a production environment, using ssl?
- How can I create a TLS/SSL connection to a mongodb instance on AWS with a certificate made by certificate manager? Health check failed
- Is there a way to get the OpenSSL X509 certificate name that im sending to peer in C++?
- pip always fails ssl verification
- Trust Anchor not found for Android SSL Connection
- How to add self-signed generated certificate to trusted certificates from inside a Java keystore?
- How to force Laravel Project to use HTTPS for all routes?
- Using Keycloak behind a reverse proxy: Could not open Admin loginpage because mixed Content
- Python SSL default context not including TLS 1.1 or SSL 2 ciphers
- How do I switch Docker containers with .NET Blazor applications from HTTP to HTTPS?
- Creating self signed certificate for domain and subdomains - NET::ERR_CERT_COMMON_NAME_INVALID
- javax.net.ssl.SSLHandshakeException: Received fatal alert: unknown_ca
- How to simulate non-SNI browsers (without SNI support)?
- How to access phpmyadmin on DDEV Windows 10 pro localhost with SSL record too long error
- cURL with SSL certificates fails: error 58 unable to set private key file
- Specifying Arduino WiFiClientSecure Certificates
- maxscale cannot find gtid_binlog_pos
- FreeSWITCH TLS error in 'Client Hello' Request
- ASP.NET Core Development Certificates - error exporting the HTTPS developer certificate
- Get certificate's public key in the PKCS8 format
- Why is Firefox not trusting my self-signed certificate?
- Difference between pem, crt, key files
- Is it a good idea to distribute docker image containing my selfsigned certificate?
- PKIX path building failed: unable to find valid certification path to requested target on chaincode commit on Hyperledger Fabric production network
- enable https jenkin server on ubuntu 24.04
- OkHTTP (v3.0.0-RC1) Post Request with Parameters
- SSL handshake error (CERTIFICATE_VERIFY_FAILED) in grpc++
- Convert .pem to .crt and .key
- How can I decode a SSL certificate using python?