temporalio · bechols · Feb 27, 2026
@@ -37,7 +37,7 @@ This approach ensures near-zero-downtime rotation and prevents authentication fa
 
 For mutual TLS (mTLS) implementations, using Let's Encrypt is not recommended, as it is designed primarily for public-facing services and lacks support for internal certificate requirements. 
 
-While we are not making a specific product recommendation, there are several valid options for managing certificates. Many organizations choose vendor solutions such as AWS Private CA, Setigo, Microsoft Certification Authority, or DigiCert for their robust integration and lifecycle features. Alternatively, self-signed certificates are a valid and commonly used approach, even in production environments. If you choose to self-sign, tools like [OpenSSL](https://openssl-library.org/), [CFSSL](https://github.com/cloudflare/cfssl), or [step CLI](https://github.com/smallstep/cli) can help generate and manage certificates effectively. 
+While we are not making a specific product recommendation, there are several valid options for managing certificates. Many organizations choose vendor solutions such as AWS Private CA, Sectigo, Microsoft Certification Authority, or DigiCert for their robust integration and lifecycle features. Alternatively, self-signed certificates are a valid and commonly used approach, even in production environments. If you choose to self-sign, tools like [OpenSSL](https://openssl-library.org/), [CFSSL](https://github.com/cloudflare/cfssl), or [step CLI](https://github.com/smallstep/cli) can help generate and manage certificates effectively. 
 
 Select the option that aligns best with your infrastructure, security requirements, and operational needs.
 
@@ -56,6 +56,6 @@ One convention is to give certificates a common name that matches the namespace.
 
 #### 2. Use Certificate Filters to restrict access when using shared CAs (e.g., `dev` vs `prod`):
 
-  Certificate Filters are an additional way of validating using the client certificate presented during client authenticationGive certificates a common name that matches the namespace. This is not a requirement.   
+  Certificate Filters are an additional way of validating using the client certificate presented during client authentication. Give certificates a common name that matches the namespace. This is not a requirement.   
 
   If you do this when using the same CA for dev and prod environments, then you can leverage Certificate Filters to prevent access to production. 
@@ -114,7 +114,7 @@ activity timeout, as well as, optionally, the
 
 If the activity may be executing (i.e. it has not yet timed out), the
 reset will take effect the next time it fails, heartbeats, or times out.
-If is waiting for a retry (i.e. has failed or timed out), the reset
+If it is waiting for a retry (i.e. has failed or timed out), the reset
 will apply immediately.
 
 If the activity is already paused, it will be unpaused by default.
@@ -136,7 +136,7 @@ reset, handle this error and then re-throw it when you've cleaned up.
 
 If the `reset_heartbeats` flag is set, the heartbeat details will also be cleared.
 
-Specify the Activity Type of ID and Workflow IDs:
+Specify the Activity Type or ID and Workflow IDs:
 
 ```
 temporal activity reset \

@@ -132,7 +132,7 @@ If set, the Activity will start at a random time within the specified jitter dur
 
 ## activity-type
 
-Command is applied to the all running activities with of this type.
+Command is applied to all running activities of this type.
 
 ## address
 

@@ -105,7 +105,7 @@ Use the following options to change the behavior of this command. You can also u
 
 ## delete
 
-Delete a Workflow Executions and its Event History:
+Delete a Workflow Execution and its Event History:
 
 ```
 temporal workflow delete \

@@ -234,7 +234,7 @@ Example: To assess the impact of rate limiting on Scheduled Executions.
 ### `schedule_action_success`
 
 Measures the successful execution of Workflows as per their schedules or through manual triggers.
-This metric is confirms that Workflows are running as expected without delays or errors.
+This metric confirms that Workflows are running as expected without delays or errors.
 
 Example: To track the success rate of Scheduled Workflow Executions.
 

@@ -126,7 +126,7 @@ Therefore, just from the Command, you can't predict the resulting Event type.
 
 ### ScheduleNexusOperation
 
-This Command is triggered by a call to execute an Nexus Operation in the caller Workflow.
+This Command is triggered by a call to execute a Nexus Operation in the caller Workflow.
 
 - Awaitable: Yes, a Workflow Execution can await on the action resulting from this Command.
 - Corresponding Event: [NexusOperationScheduled](/references/events#nexusoperationscheduled)

@@ -60,7 +60,7 @@ Check `net.ParseIP` for supported syntax, only IPv4 is supported.
 ### metrics
 
 Configures the Cluster's metric subsystem.
-Specific provides are configured using provider names as the keys.
+Specific providers are configured using provider names as the keys.
 
 - [`statsd`](#statsd)
 - `prometheus`
@@ -110,7 +110,7 @@ The `prometheus` sections supports the following settings:
 The `m3` sections supports the following settings:
 
 - `hostPort`: The host:port of the M3 server.
-- `service`: The service tag to that this client emits.
+- `service`: The service tag that this client emits.
 - `queue`: M3 reporter queue size, default is 4k.
 - `packetSize`: M3 reporter max packet size, default is 32k.
 
@@ -398,7 +398,7 @@ _Required_
 
 ## publicClient
 
-The `publicClient` a required section describing the configuration needed to for worker to connect to Temporal server for background server maintenance.
+The `publicClient` is a required section describing the configuration needed for a worker to connect to Temporal server for background server maintenance.
 
 - `hostPort` IPv4 host port or DNS name to reach Temporal frontend, [reference](https://github.com/grpc/grpc/blob/master/doc/naming.md)
 

@@ -54,7 +54,7 @@ Check that the [Workflow](/workflows) is validating search attributes after unal
 
 This error indicates that the [Workflow Task](/tasks#workflow-task) failed due to unset [FailWorkflowExecution](/references/commands#failworkflowexecution) attributes.
 
-If you encounter this error, make sure that `StartToClostTimeout` or `ScheduleToCloseTimeout` are set.
+If you encounter this error, make sure that `StartToCloseTimeout` or `ScheduleToCloseTimeout` are set.
 Restart the [Worker](/workers) that the [Workflow](/workflows) and [Activity](/activities) are registered to.
 
 ## Bad Modify Workflow Properties Attributes {#bad-modify-workflow-properties-attributes}

@@ -371,15 +371,15 @@ Latency of a Temporal Client gRPC request.
 
 ### resource_slots_cpu_usage
 
-CPU usage as a value between 0 and 100. As percieved by the resource-based slots tuner, if
+CPU usage as a value between 0 and 100. As perceived by the resource-based slots tuner, if
 enabled.
 
 - Type: Gauge
 - Available in: Core, Java
 
 ### resource_slots_mem_usage
 
-Memory usage as a value between 0 and 100. As percieved by the resource-based slots tuner, if
+Memory usage as a value between 0 and 100. As perceived by the resource-based slots tuner, if
 enabled.
 
 - Type: Gauge
@@ -512,7 +512,7 @@ A Workflow Task Execution failed.
 
 Valid values for the `failure_reason` tag:
 
-- `NonDeterminismError`: The Workflow Task failed due to a non-determinim error.
+- `NonDeterminismError`: The Workflow Task failed due to a non-determinism error.
 - `WorkflowError`: The Workflow Task failed for any other reason.
 
 ### workflow_task_execution_latency

@@ -131,7 +131,7 @@ This can be set as in the UI server configuration with [auth](/references/web-ui
 
 The URL for the authentication or authorization issuer.
 
-This value is only needed when the issuer differes from the auth provider URL.
+This value is only needed when the issuer differs from the auth provider URL.
 
 ## `TEMPORAL_AUTH_CLIENT_ID`
 

@@ -37,7 +37,7 @@ The following modifiers control the behavior of the command.
 
 ### --workflow_id
 
-Specify the [Workflow Id](/workflow-execution/workflowid-runid#workflow-id)of an [Activity Execution](/activity-execution) to complete.
+Specify the [Workflow Id](/workflow-execution/workflowid-runid#workflow-id) of an [Activity Execution](/activity-execution) to complete.
 
 Alias: `-w`
 
@@ -99,7 +99,7 @@ The following modifiers control the behavior of the command.
 
 ### --workflow_id
 
-Specify the [Workflow Id](/workflow-execution/workflowid-runid#workflow-id)of an [Activity Execution](/activity-execution) to fail.
+Specify the [Workflow Id](/workflow-execution/workflowid-runid#workflow-id) of an [Activity Execution](/activity-execution) to fail.
 
 Alias: `-w`
 

@@ -274,7 +274,7 @@ Where the tls client cert is located.
 
 Where the tls key is located.
 
-#### --tls_ca_pat
+#### --tls_ca_path
 
 Where the tls ca is located.
 
@@ -448,7 +448,7 @@ The `tctl admin dlq` commands run admin operations on a given dead-letter queue
 
 ### merge
 
-The `tctl admib dlq merge` command allows dead-letter queue (DLQ) messages to be merged.
+The `tctl admin dlq merge` command allows dead-letter queue (DLQ) messages to be merged.
 
 The messages must have TaskIds with an equal or lesser value than the given TaskId.
 
@@ -518,7 +518,7 @@ ShardId provided for the command.
 
 #### --max_message_count
 
-The maximum number of messages to fethc.
+The maximum number of messages to fetch.
 
 Default: 0
 

@@ -284,7 +284,7 @@ tctl namespace update --history_archival_state <value>
 
 ### --history_uri
 
-Specify the URI for URI for [Archival](/temporal-service/archival).
+Specify the URI for [Archival](/temporal-service/archival).
 The URI cannot be changed after Archival is first enabled.
 
 **Example**

@@ -252,7 +252,7 @@ This can help you understand the load on your Temporal service and how often you
 
 ## Caching
 
-Temporal Workers relies on caching to optimize performance by reducing the overhead of fetching Workflow state from the history and Replaying.
+Temporal Workers rely on caching to optimize performance by reducing the overhead of fetching Workflow state from the history and Replaying.
 However, unlimited caching is impossible; there's a trade-off between the benefits of cached data and the memory consumed.
 These metrics allow you to balance performance gains with responsible memory usage.