I have a solution with multiple SF services. Some of them use HTTPS endpoints, so I have these specs (details hidden or changed)
We are several developers, and we are using self-signed certificates for local deployment.
<Parameters>
<Parameter Name="Api_SslCertHash" DefaultValue="<my-thumbprint-here!>" />
</Parameters>
and
<ServiceManifestImport>
<ServiceManifestRef ServiceManifestName="SomeAppPkg" ServiceManifestVersion="1.0.0" />
<Policies>
<EndpointBindingPolicy EndpointRef="ServiceEndpointHttps" CertificateRef="mycert" />
</Policies>
</ServiceManifestImport>
and then
<Certificates>
<EndpointCertificate X509FindValue="[Api_SslCertHash]" Name="mycert" />
</Certificates>
Now the problem is that we have this file checked in to Git, and since everyone has their own self-signed cert (Not: I don't know if this has to be, maybe we can share certs, by the question remains anyway) the thumbprint is different per developer.
My question is: Is it possible to have the thumbprint in an environment-variable, or get it from another source instead of changing it in the ApplicationManifest. I realise that it could be hard in a cluster environment, but maybe when deploying locally?
I have a similar requirement for ServiceManifest, where I would like to have different port numbers. I know I can override it in Local.1Node.xml but it would be nice to be able to pick it up externally.
I don't see why you cant use a variable like you are doing in your last example, but that doesn't solve your multiple developer problem.
The correct way to handle this is to generate a certificate, check it into source control and make everyone else use the same certificate. In fact, if you set up a secure cluster in production, anyone who wants to be able to view the Explorer will need the same certificate installed on their machine in order to authenticate.