有关Hyperledger Fabric MSP设置的问题 [英] Questions on hyperledger fabric MSP setting

问题描述

我正在研究hyperledger fabic教程:建立第一个网络(BYFN) ，并研究脚本的详细信息.可以在此处找到源代码.

I am studying the hyperledger fabic tutorial: Building Your First Network (BYFN), and studying the details of the scripts. The source codes can be found here.

命令byfn.sh generate运行cryptogen generate ./config=./crypto-config.yaml，然后生成证书.目录crypto-config/带有子目录ordererOrganization/和peerOrganizations/.

The commandbyfn.sh generate runs cryptogen generate ./config=./crypto-config.yaml and then generates certificates. A directory crypto-config/ is produced with sub-directories ordererOrganization/ and peerOrganizations/.

在路径crypto-config/peerOrganizations/org1.example.com/中.它由

1. ca/
2. msp/
3. peers
4. tlsca/
5. users/

1. ca/
2. msp/
3. peers
4. tlsca/
5. users/

我很难理解此目录中的结构.

I have difficulties in understanding the structures in this directory.

第一季度: ca/，msp/和tlsa/中包含证书和私钥.但是他们代表什么呢?为什么我们需要它们?这让我感到困惑，因为在peer/的目录中，还有msp/和tls/.

Q1: There are certs and private keys in ca/, msp/ and tlsa/. But what are they representing? and why do we need them? It confuses me because inside directory of peer/, there are also msp/ and tls/.

问题2: users/目录的作用是什么? (我只知道网络中有对等点和订购者). user和admin代表该组织的最终用户吗? user和admin有什么区别?以这个网络图片为例，user和admin在哪里?

Q2: What is the purpose of users/ directory? (I only know the network has peers and orderers). Are user and admin representing the end-users for this organization? and what is the difference between user and admin? Take this network picture for example, where are user and admin?

非常感谢

推荐答案

因此，仅使用msp/下的内容加载公共频道配置. 这用于验证客户端和网络节点(对等，订购者)的证书.

So, public channel configuration is loaded only with what is found under msp/. This is used to verify certificates of clients, and network nodes (peers, orderers).

ca/文件夹仅表示退出CA的情况. tlsca/文件夹基本上用于定义与ca/文件夹相同的内容，仅用于TLS证书.在结构中，TLS和注册证书具有不同的证书链.

The ca/ folder just represents what a CA would have had it exited. The tlsca/ folder is basically used to define the same thing the ca/ folder, only for TLS certificates. In fabric, there is a different certificate chain for TLS and for enrollment certificates.

现在，peers，orderers和users包含该节点的本地MSP的材料及其签名身份(证书和私钥).

Now, the peers, orderers , users contain the material for the local MSP of the node, as well as its signing identity (certificate, and private key).

user基本上是可以作为客户端身份验证到Fabric的任何人，而admin是一种特殊类型的用户，有权签署对其所属组织具有管理更改的交易，例如-添加锚点对等体将配置事务发送给订购者时，或者-实例化链码.

The user is basically anyone that can authenticate to fabric as a client, and an admin is a special type of users who is authorized to sign transactions that have administrative changes on the organization it belongs to, like - adding anchor peers when sending a configuration transaction to the orderer, or - instantiating chaincode.

这篇关于有关Hyperledger Fabric MSP设置的问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！