feat: add temporal tls configuration

Signed-off-by: Valery Piashchynski <[email protected]>

1 files changed, 32 insertions, 0 deletions

diff --git a/.rr.yaml b/.rr.yaml
index 21457c9c..80431327 100644
--- a/.rr.yaml
+++ b/.rr.yaml
@@ -246,6 +246,38 @@ temporal:
     #tags:
     #  - foo: bar
 
+  # Temporal TLS configuration
+  #
+  # This section is optional
+  tls:
+    # Path to the key file
+    #
+    # This option is required
+    key: ""
+
+    # Path to the certificate
+    #
+    # This option is required
+    cert: ""
+
+    # Path to the CA certificate, defines the set of root certificate authorities that servers use if required to verify a client certificate. Used with the `client_auth_type` option.
+    #
+    # This option is optional
+    root_ca: ""
+
+    # Client auth type.
+    #
+    # This option is optional. Default value: no_client_certs. Possible values: request_client_cert, require_any_client_cert, verify_client_cert_if_given, require_and_verify_client_cert, no_client_certs
+    client_auth_type: no_client_certs
+
+    # ServerName is used to verify the hostname on the returned
+    # certificates unless InsecureSkipVerify is given. It is also included
+    # in the client's handshake to support virtual hosting unless it is
+    # an IP address.
+    #
+    # Default: hostname
+    server_name: "tls-sample"
+
   # Activities pool settings.
   activities:
     # Debug mode for the pool. In this mode, pool will not pre-allocate the worker. Worker (only 1, num_workers ignored) will be allocated right after the request arrived.