Hyperledger Fabric cryptgen工具无法创建admincerts [英] Hyperledger fabric cryptgen tool not creating the admincerts
问题描述
我正在使用超级账本firstsample中的cryptogen工具,它未在 crypto-config/peerorganisation/org1.example.com/msp/admicerts .
I am using the cryptogen tool from the hyper-ledgerfabric firstsample, Its does not create the admin certificate inside the crypto-config/peerorganisation/org1.example.com/msp/admicerts.
./cryptogen generate --output="crypto-config"
我的加密配置文件
OrdererOrgs:
- Name: Orderer
OrdererOrgs:
- Name: Orderer
Domain: example.com
Specs:
- Hostname: orderer
PeerOrgs:
- Name: Org1
Domain: org1.example.com
EnableNodeOUs: true
Template:
Count: 1
Users:
Count: 1
- Name: Org2
Domain: org2.example.com
EnableNodeOUs: true
Template:
Count: 1
Users:
Count: 1
- Name: Org3
Domain: org3.example.com
EnableNodeOUs: true
Template:
Count: 1
Users:
Count: 1
推荐答案
1.4.3中有一项新功能,该功能使您可以为管理员指定 OU ,而不必在admincerts
文件夹.
There is a new feature in 1.4.3 which allows you to specify an OU for admin rather than explicitly putting certificates in the admincerts
folder.
在密码配置中,设置EnableNodeOUs: true
,这将自动为所有受支持的角色启用OU.
In your crypto-config, you set EnableNodeOUs: true
and this automatically enables OUs for all supported roles.
您会看到类似的东西
NodeOUs:
Enable: true
ClientOUIdentifier:
Certificate: cacerts/ca.sampleorg-cert.pem
OrganizationalUnitIdentifier: client
PeerOUIdentifier:
Certificate: cacerts/ca.sampleorg-cert.pem
OrganizationalUnitIdentifier: peer
AdminOUIdentifier:
Certificate: cacerts/ca.sampleorg-cert.pem
OrganizationalUnitIdentifier: admin
OrdererOUIdentifier:
Certificate: cacerts/ca.sampleorg-cert.pem
OrganizationalUnitIdentifier: orderer
在msp/config.yaml文件中(在您的情况下为 crypto-config/peerorganisation/org1.example.com/msp/crypto.yaml ).
in the msp/config.yaml file ( in your case in crypto-config/peerorganisation/org1.example.com/msp/crypto.yaml).
请注意AdminOUIdentifier
字段.这意味着,由CA为您的组织颁发的包含OU=admin
的任何证书现在都被视为管理员.在组织MSP下为admin用户生成的证书也是使用OU = admin生成的(例如Subject: C=US, ST=California, L=San Francisco, OU=admin, CN=Admin@sampleorg
).
Note the AdminOUIdentifier
field. This means that any cert issued by the CA for your org which contains an OU=admin
is now considered an admin. The certificate generated for the admin user under your org MSP is also generated with OU=admin (e.g. Subject: C=US, ST=California, L=San Francisco, OU=admin, CN=Admin@sampleorg
).
这篇关于Hyperledger Fabric cryptgen工具无法创建admincerts的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!