Removing support for SHA-1 certificates in Octopus Tentacles
Blog post from Octopus Deploy
To enhance security in software deployment environments, Octopus Deploy is removing support for SHA-1 certificates, in favor of the more secure SHA-256 certificates, for communication between Octopus Server and Tentacles. Customers still using SHA-1 certificates must regenerate them to maintain secure connections over Transport Layer Security (TLS). The change is part of a broader commitment to support modern operating systems and runtime environments. The deprecation is scheduled for June 1, 2025, for Octopus Cloud customers, with later updates for Linux and Windows users. Octopus secures this communication through mutual certificate verification using thumbprints, similar to SSH, so that only trusted entities can exchange commands. Most customers have already transitioned to SHA-256; those who have not are encouraged to act promptly to align with current security standards. Octopus Deploy is also exploring future features to automate certificate regeneration and welcomes customer feedback on credential management practices to better meet user needs.