Stuck with Tentacle installation & Registration on a windows machine at New certificate generation step using Ansible.
I’m trying to install the Octopus tentacle using the Ansible role. The following are the steps I have in the playbook.
name: Create Tentacle Instance
win_command: Tentacle.exe create-instance --instance "{{InstanceName}}" --config "C:\Octopus\Tentacle.config" --console
args:
chdir: C:\Program Files\Octopus Deploy\Tentacle\
- name: Create Tentacle Certificate
become_method: administratorCreate tentacle
win_command: Tentacle.exe new-certificate --instance "{{InstanceName}}" --if-blank --console
args:
chdir: C:\Program Files\Octopus Deploy\Tentacle\
- name: Tentacle Configure
win_command: Tentacle.exe configure --instance "{{InstanceName}}" --reset-trust --console
args:
chdir: C:\Program Files\Octopus Deploy\Tentacle\
- name: Tentacle Configure For Port
win_command: Tentacle.exe configure --instance "{{InstanceName}}" --home "C:\Octopus" --app "C:\Octopus\Applications" --port "{{Port}}" --console
args:
chdir: C:\Program Files\Octopus Deploy\Tentacle\
- name: Tentacle Configure for Thumprint
win_command: Tentacle.exe configure --instance "{{InstanceName}}" --trust "{{Thumprint}}" --console
args:
chdir: C:\Program Files\Octopus Deploy\Tentacle\
- name: Tentactale Register Octopus Server
win_command: Tentacle.exe register-with --instance "{{InstanceName}}" --server "Server name" --apiKey="{{ApiKey}}" --role "{{Role}}" --environment "{{EnvironmentName}}" --comms-style TentaclePassive --console
args:
chdir: C:\Program Files\Octopus Deploy\Tentacle\
- name: Tentacle Service Start
win_command: Tentacle.exe service --instance "{{InstanceName}}" --install --start --console
args:
chdir: C:\Program Files\Octopus Deploy\Tentacle\
The above are the errors I’m getting at the ‘Create Tentacle Certificate‘ step.
Error:
TASK [server_register_to_octopus_deploy_server : Create Tentacle Certificate] *****************************************************************************
fatal: [Tentacle]: FAILED! => {"changed": true, "cmd": "Tentacle.exe new-certificate --instance \"Server name\" --if-blank --console", "delta": "0:00:00.828141", "end": "2020-02-11 07:11:07.023425", "msg": "non-zero return code", "rc": 100, "start": "2020-02-11 07:11:06.195283", "stderr": "===============================================================================\r\nAccess is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))\r\nSystem.UnauthorizedAccessException\r\n at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)\r\n at Octopus.Shared.Internals.CertificateGeneration.Win32ErrorHelper.ThrowExceptionIfGetLastErrorIsNotZero()\r\n at Octopus.Shared.Internals.CertificateGeneration.CryptContext.Open()\r\n at Octopus.Shared.Security.CertificateGenerator.Generate(String fullName, Boolean exportable, ILog log)\r\n at Octopus.Tentacle.Configuration.TentacleConfiguration.GenerateNewCertificate()\r\n at Octopus.Tentacle.Commands.NewCertificateCommand.Start()\r\n at Octopus.Shared.Startup.AbstractCommand.Start(String[] commandLineArguments, ICommandRuntime commandRuntime, OptionSet commonOptions)\r\n at Octopus.Shared.Startup.ConsoleHost.Run(Action`1 start, Action shutdown)\r\n at Octopus.Shared.Startup.OctopusProgram.RunHost(ICommandHost host)\r\n at Octopus.Shared.Startup.OctopusProgram.Run()\r\n===============================================================================\r\nCrypto functions require the Windows User Profile\r\n-------------------------------------------------------------------------------\r\nVarious cryptographic functions used by Octopus Deploy require the Windows user profile to have been loaded. Some remote administration scenarios run commmands in processes without user profile information; to successfully run the problem command, invoke it from the command-line using RUNAS, e.g.: `runas /profile /user:<username> \"C:\\...\\Tentacle.exe new-certificate\"`.\r\nSee: http://g.octopushq.com/CryptoRequiresUserProfile\r\n-------------------------------------------------------------------------------\r\nTerminating process with exit code 100\r\nFull error details are available in the log files at:\r\nC:\\Octopus\\Logs\r\nC:\\Users\\Administrator\\AppData\\Local\\Octopus\\Logs\r\nIf you need help, please send these log files to https://octopus.com/support\r\n-------------------------------------------------------------------------------\r\n\r\n", "stderr_lines": ["===============================================================================", "Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))", "System.UnauthorizedAccessException", " at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)", " at Octopus.Shared.Internals.CertificateGeneration.Win32ErrorHelper.ThrowExceptionIfGetLastErrorIsNotZero()", " at Octopus.Shared.Internals.CertificateGeneration.CryptContext.Open()", " at Octopus.Shared.Security.CertificateGenerator.Generate(String fullName, Boolean exportable, ILog log)", " at Octopus.Tentacle.Configuration.TentacleConfiguration.GenerateNewCertificate()", " at Octopus.Tentacle.Commands.NewCertificateCommand.Start()", " at Octopus.Shared.Startup.AbstractCommand.Start(String[] commandLineArguments, ICommandRuntime commandRuntime, OptionSet commonOptions)", " at Octopus.Shared.Startup.ConsoleHost.Run(Action`1 start, Action shutdown)", " at Octopus.Shared.Startup.OctopusProgram.RunHost(ICommandHost host)", " at Octopus.Shared.Startup.OctopusProgram.Run()", "===============================================================================", "Crypto functions require the Windows User Profile", "-------------------------------------------------------------------------------", "Various cryptographic functions used by Octopus Deploy require the Windows user profile to have been loaded. Some remote administration scenarios run commmands in processes without user profile information; to successfully run the problem command, invoke it from the command-line using RUNAS, e.g.: `runas /profile /user:<username> \"C:\\...\\Tentacle.exe new-certificate\"`.", "See: http://g.octopushq.com/CryptoRequiresUserProfile", "-------------------------------------------------------------------------------", "Terminating process with exit code 100", "Full error details are available in the log files at:", "C:\\Octopus\\Logs", "C:\\Users\\Administrator\\AppData\\Local\\Octopus\\Logs", "If you need help, please send these log files to https://octopus.com/support", "-------------------------------------------------------------------------------", ""], "stdout": "", "stdout_lines": []}
Error after adding the runas /profile /user:Administration
command to the win_command step :
TASK [server_register_to_octopus_deploy_server : Create Tentacle Certificate] *****************************************************************************
fatal: [Tentacle]: FAILED! => {"changed": true, "cmd": "runas /profile /user:Administrator \"Tentacle.exe new-certificate --instance \"Server name\" --if-blank --console\"", "delta": "0:00:00.062497", "end": "2020-02-11 02:49:57.156088", "msg": "non-zero return code", "rc": 1, "start": "2020-02-11 02:49:57.093590", "stderr": "", "stderr_lines": [], "stdout": "Enter the password for Administrator: \u0000\r\n", "stdout_lines": ["Enter the password for Administrator: \u0000"]}
Steps I tried:
runas /profile /user:Administrator
too. Still, it is hitting the error with no password reason.tentacle.exe new-certificate -e MyFile.txt
) and it has to be imported on the target server ( Tentacle.exe import-certificate --instance "Tentacle" -f MyFile.txt –console
). I have my Ansible on - -
Linux Machine and tentacle on a windows machine. Is it possible to export a certificate created on Linux to Windows? Or Is there a way to fix this by generating a new certificate on the target machine, without import/exporting the certificate. Any help would be appreciated
Thanks in Advance.
User contributions licensed under CC BY-SA 3.0