有关Hyperledger Fabric MSP设置的问题 [英] Questions on hyperledger fabric MSP setting
问题描述
我正在研究hyperledger fabic教程:建立第一个网络(BYFN) ,并研究脚本的详细信息.可以在此处找到源代码.
I am studying the hyperledger fabic tutorial: Building Your First Network (BYFN), and studying the details of the scripts. The source codes can be found here.
命令byfn.sh generate
运行cryptogen generate ./config=./crypto-config.yaml
,然后生成证书.目录crypto-config/
带有子目录ordererOrganization/
和peerOrganizations/
.
The commandbyfn.sh generate
runs cryptogen generate ./config=./crypto-config.yaml
and then generates certificates. A directory crypto-config/
is produced with sub-directories ordererOrganization/
and peerOrganizations/
.
在路径crypto-config/peerOrganizations/org1.example.com/
中.它由
-
ca/
-
msp/
-
peers
-
tlsca/
-
users/
ca/
msp/
peers
tlsca/
users/
我很难理解此目录中的结构.
I have difficulties in understanding the structures in this directory.
第一季度: ca/
,msp/
和tlsa/
中包含证书和私钥.但是他们代表什么呢?为什么我们需要它们?这让我感到困惑,因为在peer/
的目录中,还有msp/
和tls/
.
Q1: There are certs and private keys in ca/
, msp/
and tlsa/
. But what are they representing? and why do we need them? It confuses me because inside directory of peer/
, there are also msp/
and tls/
.
问题2: users/
目录的作用是什么? (我只知道网络中有对等点和订购者). user
和admin
代表该组织的最终用户吗? user
和admin
有什么区别?以这个网络图片为例,user
和admin
在哪里?
Q2: What is the purpose of users/
directory? (I only know the network has peers and orderers). Are user
and admin
representing the end-users for this organization? and what is the difference between user
and admin
? Take this network picture for example, where are user
and admin
?
非常感谢
推荐答案
因此,仅使用msp/
下的内容加载公共频道配置.
这用于验证客户端和网络节点(对等,订购者)的证书.
So, public channel configuration is loaded only with what is found under msp/
.
This is used to verify certificates of clients, and network nodes (peers, orderers).
ca/
文件夹仅表示退出CA的情况.
tlsca/
文件夹基本上用于定义与ca/
文件夹相同的内容,仅用于TLS证书.在结构中,TLS和注册证书具有不同的证书链.
The ca/
folder just represents what a CA would have had it exited.
The tlsca/
folder is basically used to define the same thing the ca/
folder, only for TLS certificates. In fabric, there is a different certificate chain for TLS and for enrollment certificates.
现在,peers
,orderers
和users
包含该节点的本地MSP的材料及其签名身份(证书和私钥).
Now, the peers
, orderers
, users
contain the material for the local MSP of the node, as well as its signing identity (certificate, and private key).
user
基本上是可以作为客户端身份验证到Fabric的任何人,而admin是一种特殊类型的用户,有权签署对其所属组织具有管理更改的交易,例如-添加锚点对等体将配置事务发送给订购者时,或者-实例化链码.
The user
is basically anyone that can authenticate to fabric as a client, and an admin is a special type of users who is authorized to sign transactions that have administrative changes on the organization it belongs to, like - adding anchor peers when sending a configuration transaction to the orderer, or - instantiating chaincode.
这篇关于有关Hyperledger Fabric MSP设置的问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!