Hyperledger fabric fabric ca如何生成客户端证书文件和密钥文件?
错误:POST失败[POST:x509: 证书对example.com有效,而不是localhost];不发送 fabric-ca-client-config.yaml tls: 已启用:trueHyperledger fabric fabric ca如何生成客户端证书文件和密钥文件?,hyperledger-fabric,Hyperledger Fabric,错误:POST失败[POST:x509: 证书对example.com有效,而不是localhost];不发送 fabric-ca-client-config.yaml tls: 已启用:true fabric-ca-client enroll -u https://admin:adminpw@localhost:7054 -c fabric-ca-client-config.yaml 客户: certfiles: crypto-config/peerOrganizations/org1.ex
fabric-ca-client enroll -u https://admin:adminpw@localhost:7054 -c fabric-ca-client-config.yaml
客户:
certfiles: crypto-config/peerOrganizations/org1.example.com/users/Admin@org1.example.com/tls/ca.crt
docker-compose.yaml
ca.org1.example.com:
certfile: crypto-config/peerOrganizations/org1.example.com/users/Admin@org1.example.com/tls/server.crt
keyfile: crypto-config/peerOrganizations/org1.example.com/users/Admin@org1.example.com/tls/server.key
结构ca客户端
错误:POST失败[POST:x509:由未知机构签署的证书];不发送
这里的问题是fabric ca服务器正在使用的TLS服务器证书是为example.com颁发的,您正试图以localhost身份访问它 你可以 禁用结构ca服务器的TLS只是为了向前移动 为fabric ca服务器创建了一个新的TLS证书,该证书对localhost有效。我认为,当fabric ca服务器自动生成TLS证书时,它应该对localhost有效 在主机文件映射example.com到127.0.0.1中添加一个条目
结构ca服务器使用的是什么?码头工人的形象?
image: hyperledger/fabric-ca
environment:
- FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
- FABRIC_CA_SERVER_CA_NAME=ca.org1.example.com
- FABRIC_CA_SERVER_TLS_ENABLED=true
- FABRIC_CA_SERVER_CA_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.org1.example.com-cert.pem
- FABRIC_CA_SERVER_CA_KEYFILE=/etc/hyperledger/fabric-ca-server-config/${PRIVATE_KEY}
ports:
- "7054:7054"
command: sh -c 'fabric-ca-server start -b admin:adminpw -d'
volumes:
- ./crypto-config/peerOrganizations/org1.example.com/ca/:/etc/hyperledger/fabric-ca-server-config
container_name: ca.org1.example.com
fabric-ca-client enroll -u https://admin:adminpw@example.com:7054 -c fabric-ca-client-config.yaml