Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Windows agent should be configured for Windows Certificate Store by default #2194

Open
lg2de opened this issue Mar 29, 2019 · 3 comments

Comments

Projects
None yet
2 participants
@lg2de
Copy link

commented Mar 29, 2019

Agent Version and Platform

2.136.1

OS of the machine running the agent?
Windows

Azure DevOps Type and Version

on-premises TFS
16.131.28226.3

What's not working?

To get the windows agent to run completely with a TFS server using self-signed SSL certificate I need to configure manually:

config.cmd --gituseschannel --sslcacert ./locationtoyourcert.pem

The one option is required for git fetch, the other is required to (explicitly download artifacts e.g. using 'Download Build Artifacts' task).

Is it possible to configure the agent by default to use the Windows Certificate Store?

@TingluoHuang

This comment has been minimized.

Copy link
Member

commented Mar 29, 2019

@lg2de that's a little bit hard, the agent is an dotnet core application, it's already use Windows cert store. the problem is all the different tools you may use during your pipeline, i don't think there is a universal way to force everything to use windows cert store, plus some linux tool that built on old version openssl may not support windows cert store at all. :)

@lg2de

This comment has been minimized.

Copy link
Author

commented Mar 29, 2019

  1. The package is for window, so it "knows" it is for windows.
  2. The batch file (config.cmd) is specific for windows. I could set required options internally.
@TingluoHuang

This comment has been minimized.

Copy link
Member

commented Mar 29, 2019

i am talking about all the different tools you used during the build, like npm, node, python, go, etc, they may have no idea about windows certificate store. :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.