Unable to use gRPC resource with SSL/TLS

Hi Retool Community!

I have an issue in using a gRPC resource.
More specifically, I want to create a gRPC resource to connect my retool app to Camunda 8 SaaS (https://camunda.com/).

On the gRPC resource setup screen, I need to enable SSL/TLS as the connection with Camunda can't be established without SSL/TLS.
I have managed to correctly connect and use the gRPC API on Camunda using Postman (https://www.postman.com/).

So, my question is, how can I set up SSL/TLS on Retool gRPC resource? What files I need to upload to the relevant fields (as shown in the attached screenshot) and how can I create these files? Right now I get the error: "Error: 14 UNAVAILABLE: No connection established"

Thank you in advance,
Spiros Chronas

Hey @spirosc thanks for reporting this. We have filed a bug report as that error is thrown for any issue with certs/configuration on either the client or server side. Have you tried the Verify CA Certificate option? If not, can you try and let me know if you receive the same error?

I'll also update this post as I get any additional information on the internal bug report that we have tracking this.

Hi @joeBumbaca , thank you for your response.
I just tried the Verify CA Certificate option and I still get the same error.
Regarding the OAuth setup, I am sure it is correct as I use the same values on postman and there is no problem there.

I am looking forward to the results of the bug report.
Thanks again.

Hi @joeBumbaca , I was wondering if you got any updates on the bug report.

@spirosc Unfortunately not, the eng team responsible has it in their queue and we'll update this thread as soon as we have any new information to share.

Thanks a lot @joeBumbaca, I am looking for the eng team response.

Hi @joeBumbaca , any news here?
My team considers moving on a paid plan, however my manager is negative because of the bad support experience.

I like Retool platform and the power and flexibility it provides, and I do not want to abandon this project.
Could you please push further to resolve my issue?

Best regards,

@spirosc I bumped the internal ticket for this issue. We'll let you know here as soon as there is any update, thanks.

Hey, we are running into the exact same bug. Are there any updates on this? We just need the ability to skip verification for now, not an involved bugfix. We're blocked from using Retool for our service until that point.

Hi @joeBumbaca - just wanted to bump this as well. This is currently a blocker on several fronts for us, so it would be really helpful to get this resolved. Thanks!

Hey @Dylan_Parker @rpadaki, we've pinged the team responsible for this to take a look again and get an ETA on some sort of resolution here. I'll update you here as soon as I have any news to share.

@spirosc , @rpadaki , @Dylan_Parker : :wave: I am the engineer on the team that builds and maintains this. I added a fix to skip verification and expect it to be released sometime in the afternoon PST tomorrow. I might need your help thereafter to confirm if the change works for you. Will share a heads up!

1 Like

Heads up: We have another fix scheduled to go out next week on Wednesday which would help fix this for good. In the meantime, a workaround is to upload a valid ca cert in your resource config and that would make your requests succeed.

1 Like

Hi @himanshu , I just checked, and it's still not working.
Could you provide some screenshots on what we need to select on the SSL/TLS options of the gRPC resource?

This should work assuming your grpc service is not using a self signed cert. If it is, you would want to pass the CA certificate. To clarify @spirosc, you are using Retool hosted (ie not self hosting this)?

Could you also share the error message

@himanshu, yes I am using Retool Hosted, and I've made the exact same settings as you did, but I'm still getting the below error:


Hey @spirosc! This was released for the Cloud product, but that code hasn't made it to the on-premise deployments yet. Spoke with @himanshu today, and it should be released in v3.33 scheduled for Feb 27. Once that is out, you can update to that version and test it out.

@spirosc note that as a workaround until the on-premise release, you can pass a CA certificate object in the configs that includes your certificate. This is essentially the fix where Retool includes it by default in v3.33

1 Like

@himanshu @joeBumbaca I am using the cloud version (i.e. hosted by you - not onpremise).

Hey @spirosc, are you able to DM me the credentials so we can troubleshoot your specific issue?