Machine Identity Extension for Azure DevOps
Simplify key generation and enrollment of machine identities (also known as SSL/TLS certificates and keys) that comply with enterprise security policy by using the Venafi Trust Protection Platform (TPP) or Venafi as a Service. You can request, retrieve, and renew certificates.
This extension takes advantage of the VCert CLI. Basic usage can be found below and in the extension help itself; please see the VCert site for additional parameter details.
Supported on Windows, Linux, and Mac.
Ensure the following prerequisites are met prior to using this extension:
The authentication mechanism depends on whether you use TPP or Venafi as a Service; see below. After providing authentication, fill in the action-specific fields and you are ready to go!
Venafi as a Service
Venafi as a Service uses an API Key found in your user preferences. Go to the API Keys section of your user preferences and 'Generate New Key' if one doesn't already exist. You can provide this directly or as a secure variable.
Trust Protection Platform
TPP requires a token, which can either be pre-created and provided with the 'Inline' option or obtained via a prior Machine Identity Extension task with a 'Get Token' action.
YAML example - Get token and Request