Connecting to Temporal Cloud through Python SDK

Community Support
1

Hello,

I am trying to connect to Temporal Cloud through the Python SDK. I am using this exact template documentation/sample-apps/python/your_app/connect_cloud_dacx.py at main · temporalio/documentation · GitHub except with an updated “your-custom-namespace.account-id.tmprl.cloud:7233” and namespace=“.”. I have also confirmed that my client-cert.pem and client-private-key.pem are the correct pem format.

I am unable to connect to Temporal Cloud and am getting this error.

File "/home/service-user/.local/lib/python3.11/site-packages/temporalio/bridge/client.py", line 97, in connect
    await temporalio.bridge.temporal_sdk_bridge.connect_client(
RuntimeError: Failed client connect: `get_system_info` call error after connection: Status { code: Unknown, message: "transport error", source: Some(tonic::transport::Error(Transport, hyper::Error(Io, Custom { kind: InvalidData, error: "received fatal alert: IllegalParameter" }))) }

Do you have any insight into what is causing this error?

2

Hi @sophia

  1. can you share temporal SDK version you are currently using?
  2. share the main() function definition.
  3. Also, does the client-cert.pem and client-private-key.pem resides in the same folder wherein you running the connect_cloud_dacx.py?
3
  1. SDK Version: temporalio-1.10.0
  2. The main() function definition is the same as the definition given in the template, except with my personal “your-custom-namespace.account-id.tmprl.cloud:7233” and namespace=“.”
  3. They do reside in the same folder and I have checked that the contents are within the respective variables

Are you able to use this template and connect to your own Temporal Cloud on your end?

4

yes, running the same python template on my python3.11 venv with the same temporal sdk version worked fine, i can see the workflow running on the temporal cloud console.

Below are the references:

[1] venv setup + execution of the template

image
image1928×728 88 KB

[2] workflow running on temp-cloud

image
image1918×616 36 KB

[3] Template changes made with client-cert.pem and client-private-key.pem being in the same folder.

image
image2828×938 388 KB

Can you once manually test the connection to see if the TLS handshake works with the respective .pem pair? Or any error you faced during the ssl-handshake verification stage

openssl s_client -connect <your-namespace>.<accound-id>.tmprl.cloud:7233 -cert client-cert.pem -key client-private-key.pem