I’ll preface my comment by saying that I’ve read this post, which includes my exact error. However, I suspect that my error is that I am misunderstanding the purpose of these ENV vars:
My initial thought was that these env vars are what the Node.js web app would use to support HTTPS usage in the browser. However, after some investigation, it appears that these env vars are for mutual authentication to the frontend services (i.e. client certs for access to the frontend service). The certificates I’m providing in these env vars are not being added to the frontend services as valid client certs as they are used to enable HTTPS for the temporal web ingress. I think this is the reason for the SSL errors I’m seeing in the temporal web app logs.
I have a requirement to support end-to-end TLS encryption for EKS-based applications (SSL to the container), but after looking at the temporal web source, I’m wondering if it’s even possible. It looks like the temporal web is based on Koa, and based on the Koa docs regarding enabling HTTPS, I’m thinking that the current temporal web code does not currently support running the Koa app as an HTTPS server, and thus does not support end-to-end encryption.
Can someone confirm my finding?