Add Let's Encrypt automation to OD server
Ensuring certificates for the OD server are up to date are a little annoying. It would be awesome if the OD server could support renewing it's own hosting certificate with Let's Encrypt.
I've had a stab at creating custom steps to do this. The main issue is domain validation (DV). DNS validation often requires manual intervention and OD server controls http (see discussion at https://community.letsencrypt.org/t/domain-validation/26512 ).
The only way I see this really progressing forward is if OD server supports Let's Encrypt in the server as a maintanence task as it would be able to respond to http DV requests. It could then get the new certificate issued after successful http DV and update its https binding to use the new certificate.
I would also like to have the same thumbprint configured in the registry of the server for RDP access. An option to support this as part of the certificate renewal would be great.
This has been released with Octopus 3.15. See our blog post for more information – https://octopus.com/blog/octopus-release-3-15.