You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
When trying to connect the Worker to a server using the tls-fullsample, connection fails with [TransportError: transport error: error trying to connect: invalid certificate: UnknownIssuer]
To Reproduce
Steps to reproduce the behavior:
Follow the mTLS tutorial but use tls-full instead of simple
I believe I am running into this, although I only see "[TransportError: transport error]". I can connect with tctl but not from my typescript SDK worker using the same certificates and client key. I also get the same error when I run the worker in a docker container (local and on a Linux node).
I got it to work with just a root CA (no intermediate) by adding -sha256 to the openssl commands generating the certs (it was defaulting to sha1, possibly due to something else I had going on). Once that was fixed I switched back to an end entity cert signed with an intermediate CA and I started getting "Failed to connect before the deadline" (due to "unable to get issuer certificate" as observed in grpc-js logs). I believe that is this issue: grpc/grpc-node#1784.
Describe the bug
When trying to connect the Worker to a server using the
tls-full
sample, connection fails with[TransportError: transport error: error trying to connect: invalid certificate: UnknownIssuer]
To Reproduce
Steps to reproduce the behavior:
tls-full
instead of simpleExpected behavior
Worker should connect to server
Versions (please complete the following information where relevant):
temporalio/auto-setup@sha256:004f4440664f13c3b049eaad5c019c9f780082d8752655d01ef91e322b482097
Additional context
Tried using different certificates without success, seems like this is a MacOS issue, @Sushisource got it working on Linux.
The text was updated successfully, but these errors were encountered: