I would like to add a Deployment Task of type [Export Certificate]
I define a task as follows:
I get an error message :
2020-08-04 15:29:17.930 +02:00 [ERR] Failed to copy to destination file: d::Access to the path ‘d:’ is denied.
I have tried granting rights, tried local user instead of service user, nothing seems to work. Has anybody have had any succes with this?
You must give it a file name to export to. Such as
Perhaps it should be labeled “Destination File Path”? I’ve seen a couple people make this mistake of not providing a full file path in some way or other.
Yes I can update that, the example placeholder text does show a file path but our error message should also identify that the path is a directory and explain the problem more, or we could maybe have a default file name like certificate.crt depending on what the output is if you provide a folder.
Ran into this one myself today. Does the path field accept variables, e.g. date/time, certificate name etc?
Nope, it’s just a file name currently, interesting idea though.
The intended use for this feature is where you have a server like nginx, apache or some other tool which has configuration that you point to a file, so dynamically changing the filename doesn’t seem super useful (unless you are dynamically updating your config). Interested to know the use case for dynamic naming?
I can see the point of the primary domain (we do this for the CCS export) but not for date/time unless you just like to archive your certificates for posterity
Yes, I save and archive certificates for a short while. I like to keep these available just in case they are needed again. Certain certificates are used for more than one machine so variable names can help seperate these.
Also I like to add the fqdn, start and end date to the filename so I can immediately see for which domain it’s for and whether it’s still valid.
I have only 1 deployment task in Certify, a powershell script which exports a certificate to a specific location, with specific naming. A weekly scheduled task runs a couple of powershell scripts for remote deployment to multiple machines, which determine if a certificate is available based on it’s name.