Connecting via core-sdk in rust


I’m trying to connect to the temporal grpc server using the rust core-sdk. I’m able to currently connect and start workflows using a plain temporal server.

However, if i try to connect to temporal cloud and try to do the same thing, I need to use mTLS to connect & this is where I have some trouble.

If i simplify it to the tonic channel

let certificate = r#"-----BEGIN CERTIFICATE-----

let ca_chain = r#"-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----"#;

let certificate_chain = format!("{}{}", certificate, ca_chain);

        let identity = Identity::from_pem(certificate_chain, pki.private_key.clone());

        let tls = ClientTlsConfig::new()
        let channel = Channel::from_static("http://<connection>")

This will give me the error

channel: Err(tonic::transport::Error(Transport, hyper::Error(Connect, Custom { kind: InvalidData, error: CorruptMessage })))

Separately, I also tried using the sdk-core client api directly and come into an issue.

let client_cert = tokio::fs::read(
let client_private_key = tokio::fs::read(

let sgo = ClientOptionsBuilder::default()
        .tls_cfg(TlsConfig {
            server_root_ca_cert: None,
            domain: Some("<host>".to_string()),
            client_tls_config: Some(ClientTlsConfig {
                client_cert: client_cert,
                client_private_key: client_private_key,
let con = sgo
        .connect("default".to_string(), None, None)


I can’t quite figure out why I cant connect. I’d also note that the certificates/chains and private key work perfectly fine with both the typescript and the go-sdk

Hoping i can get some help!

I have not debugged your code or the issue, but can you try using https:// scheme in the URL? (we hide the URL scheme in TypeScript/Python because in true user-facing gRPC fashion, it’s not a URL but a “target host” despite the types Tonic chooses to use)

Hi Chad,

The scheme didn’t make a difference, although if i don’t use a scheme it will complain about needing a scheme. I saw it’s there on the tonic examples but isn’t used there really either.

Is there an example on how to start a workflow with rust using the same cert/config given via typescript?