At present, if connected to a platform running with insecure self-signed certs or over http, the CLI will report Failed to get platform configuration. Is the platform accepting connections at '$HOST'? when using client credentials, or ERROR An error occurred during login. Please check your credentials and try again: platform configuration not found when trying to directly authenticate the profile through client credentials.
Background
At present, if connected to a platform running with insecure self-signed certs or over http, the CLI will report
Failed to get platform configuration. Is the platform accepting connections at '$HOST'?when using client credentials, orERROR An error occurred during login. Please check your credentials and try again: platform configuration not foundwhen trying to directly authenticate the profile through client credentials.These errors are misleading, as the true error is that the well-known config is available but the cert failed. This is due to logic here: https://github.com/opentdf/otdfctl/blob/cdaae409c98fe54b58d6d35dba9c990929d8145a/cmd/root.go#L146
We should check if the reason the SDK errored out was due to not passing
--tls-no-verifyand instruct the CLI user helpfully about the situation.Acceptance Criteria