Hi All,
Our company self signs all URL’s with the company cert, any idea how to inject this into the client created by the WorkflowEnvironment.start_time_skipping()?
RuntimeError: Failed starting test server: error sending request for url (https://temporal.download/temporal-test-server/default?arch=amd64&platform=windows&sdk-name=sdk-python&sdk-version=1.5.0): error trying to connect: invalid peer certificate: UnknownIssuer
Below code works for requests but unsure how to inject that cert into the client WorkflowEnvironment.start_time_skipping()
request = requests.get(
“https://temporal.download/temporal-test-server/default?arch=amd64&platform=windows&sdk-name=sdk-python&sdk-version=1.5.0”,
verify=“Company-CA.crt”)
To confirm, your company MITMs all HTTPS traffic and resigns with their own cert? General concerns aside, if this is the case, the best solution here will be to provide the test server executable yourself instead of us downloading it. You can download the test server directly from Java SDK releases area and provide the path to the extracted executable as test_server_existing_path
. With this present, the attempted download at runtime will not occur.
Indeed it does MITM and resigns all certs for security reasons with our cert
Thank you, I will give that a try. Might not be a long term solution as we need clients for windows and CI/CD envs and need to maintain ect. Passing the cert in would be easier, but I will see if that works for now