Unable to create client for temporal managed cloud

Community Support
,
1

Howdy folks,
I am trying to connect to our new temporal managed cloud instance and i’m facing all types of errors when I try different things like:

	temporalClient, err := client.Dial(client.Options{
		Namespace: "<namespace>",
		HostPort:  "<namespace>.tmprl.cloud:7233",
		ConnectionOptions: client.ConnectionOptions{
			TLS: &tls.Config{
				Certificates: []tls.Certificate{deps.Certificate()},
				RootCAs:      deps.RootCA(),
				MinVersion:   tls.VersionTLS12,
			},
		},
	})

One example of an error i’m getting:

failed reaching server: last connection error: connection closed before server preface received

Another error i’m getting is when i change the hostport to web..tmprl.cloud:7233:

failed reaching server: last connection error: connection error: desc = "transport: authentication handshake failed: tls: first record does not look like a TLS handshake"

What is interesting, after setting up an mTLS cluster in our localstack, the initialising client works, but when we try to connect to our managed cloud instance it doesnt work. Any help is appreciated.

Cheers folks!

2

connection closed before server preface received

One of the reasons this error can happen is when using expired client certs.

As for the code, can you give below a shot and see if you run into any issues?

cert, err := tls.LoadX509KeyPair("mypem.pem", "mykey.key")
if err != nil {
	// ...
}

c, err := client.Dial(client.Options{
	HostPort:  "<namespace>.tmprl.cloud:7233",
	Namespace: "<namespace>",
	ConnectionOptions: client.ConnectionOptions{
		TLS: &tls.Config{
			Certificates: []tls.Certificate{cert},
			ServerName:   "<namespace>.tmprl.cloud",
		},
	},
})
3

Het Tihomir, thanks for your reply. When I try this change, the new error changes too:

failed reaching server: last connection error: connection error: desc = "transport: authentication handshake failed: tls: first record does not look like a TLS handshake"

I’ve asked someone from our infrastructure team to confirm if the certificate is still valid, however I am fairly sure it is and will update if it isnt.

4

Ok, thanks. Also it would help if you opened a Zendesk ticket for this. With ticket we could ask team to check for any possible issues on server config end as well.