Hyperledger Fabric cryptgen工具无法创建admincerts [英] Hyperledger fabric cryptgen tool not creating the admincerts

查看:192
本文介绍了Hyperledger Fabric cryptgen工具无法创建admincerts的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在使用超级账本firstsample中的cryptogen工具,它未在 crypto-config/peerorganisation/org1.example.com/msp/admicerts .

I am using the cryptogen tool from the hyper-ledgerfabric firstsample, Its does not create the admin certificate inside the crypto-config/peerorganisation/org1.example.com/msp/admicerts.

./cryptogen generate --output="crypto-config"

我的加密配置文件

          OrdererOrgs:
            - Name: Orderer
            OrdererOrgs:
            - Name: Orderer
              Domain: example.com
              Specs:
            - Hostname: orderer
              PeerOrgs:
            - Name: Org1
            Domain: org1.example.com
           EnableNodeOUs: true
           Template:
           Count: 1
           Users:
           Count: 1
          - Name: Org2
          Domain: org2.example.com
          EnableNodeOUs: true
           Template:
            Count: 1
            Users:
           Count: 1
         - Name: Org3
           Domain: org3.example.com
           EnableNodeOUs: true
           Template:
          Count: 1
          Users:
          Count: 1

推荐答案

1.4.3中有一项新功能,该功能使您可以为管理员指定 OU ,而不必在admincerts文件夹.

There is a new feature in 1.4.3 which allows you to specify an OU for admin rather than explicitly putting certificates in the admincerts folder.

在密码配置中,设置EnableNodeOUs: true,这将自动为所有受支持的角色启用OU.

In your crypto-config, you set EnableNodeOUs: true and this automatically enables OUs for all supported roles.

您会看到类似的东西

NodeOUs:
  Enable: true
  ClientOUIdentifier:
    Certificate: cacerts/ca.sampleorg-cert.pem
    OrganizationalUnitIdentifier: client
  PeerOUIdentifier:
    Certificate: cacerts/ca.sampleorg-cert.pem
    OrganizationalUnitIdentifier: peer
  AdminOUIdentifier:
    Certificate: cacerts/ca.sampleorg-cert.pem
    OrganizationalUnitIdentifier: admin
  OrdererOUIdentifier:
    Certificate: cacerts/ca.sampleorg-cert.pem
    OrganizationalUnitIdentifier: orderer

在msp/config.yaml文件中(在您的情况下为 crypto-config/peerorganisation/org1.example.com/msp/crypto.yaml ).

in the msp/config.yaml file ( in your case in crypto-config/peerorganisation/org1.example.com/msp/crypto.yaml).

请注意AdminOUIdentifier字段.这意味着,由CA为您的组织颁发的包含OU=admin的任何证书现在都被视为管理员.在组织MSP下为admin用户生成的证书也是使用OU = admin生成的(例如Subject: C=US, ST=California, L=San Francisco, OU=admin, CN=Admin@sampleorg).

Note the AdminOUIdentifier field. This means that any cert issued by the CA for your org which contains an OU=admin is now considered an admin. The certificate generated for the admin user under your org MSP is also generated with OU=admin (e.g. Subject: C=US, ST=California, L=San Francisco, OU=admin, CN=Admin@sampleorg ).

这篇关于Hyperledger Fabric cryptgen工具无法创建admincerts的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆