打开byfn-network.json并将文本INSERT_ORG1_CA_CERT的所有实例替换为Org1的对等节点的CA证书:-使用以下命令从.pem文件中获取证书,以便可以将其嵌入到上面的连接配置文件。
复制
awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt > /tmp/composer/org1/ca-org1.txt
但是我完全困惑我需要复制哪些内容以及粘贴在何处
答案 0 :(得分:1)
基本上,组织需要连接配置文件。此连接配置文件包含网络中连接的所有对等方的详细信息,如下所示:
{
"name": "byfn-network",
"x-type": "hlfv1",
"version": "1.0.0",
"channels": {
"mychannel": {
"orderers": [
"orderer.example.com"
],
"peers": {
"peer0.org1.example.com": {
"endorsingPeer": true,
"chaincodeQuery": true,
"eventSource": true
},
"peer1.org1.example.com": {
"endorsingPeer": true,
"chaincodeQuery": true,
"eventSource": true
},
"peer0.org2.example.com": {
"endorsingPeer": true,
"chaincodeQuery": true,
"eventSource": true
},
"peer1.org2.example.com": {
"endorsingPeer": true,
"chaincodeQuery": true,
"eventSource": true
}
}
}
},
"organizations": {
"Org1": {
"mspid": "Org1MSP",
"peers": [
"peer0.org1.example.com",
"peer1.org1.example.com"
],
"certificateAuthorities": [
"ca.org1.example.com"
]
},
"Org2": {
"mspid": "Org2MSP",
"peers": [
"peer0.org2.example.com",
"peer1.org2.example.com"
],
"certificateAuthorities": [
"ca.org2.example.com"
]
}
},
"orderers": {
"orderer.example.com": {
"url": "grpcs://localhost:7050",
"grpcOptions": {
"ssl-target-name-override": "orderer.example.com"
},
"tlsCACerts": {
"pem": "INSERT_ORDERER_CA_CERT"
}
}
},
"peers": {
"peer0.org1.example.com": {
"url": "grpcs://localhost:7051",
"grpcOptions": {
"ssl-target-name-override": "peer0.org1.example.com"
},
"tlsCACerts": {
"pem": "INSERT_ORG1_CA_CERT"
}
},
"peer1.org1.example.com": {
"url": "grpcs://localhost:8051",
"grpcOptions": {
"ssl-target-name-override": "peer1.org1.example.com"
},
"tlsCACerts": {
"pem": "INSERT_ORG1_CA_CERT"
}
},
"peer0.org2.example.com": {
"url": "grpcs://localhost:9051",
"grpcOptions": {
"ssl-target-name-override": "peer0.org2.example.com"
},
"tlsCACerts": {
"pem": "INSERT_ORG2_CA_CERT"
}
},
"peer1.org2.example.com": {
"url": "grpcs://localhost:10051",
"grpcOptions": {
"ssl-target-name-override": "peer1.org2.example.com"
},
"tlsCACerts": {
"pem": "INSERT_ORG2_CA_CERT"
}
}
},
"certificateAuthorities": {
"ca.org1.example.com": {
"url": "https://localhost:7054",
"caName": "ca-org1",
"httpOptions": {
"verify": false
}
},
"ca.org2.example.com": {
"url": "https://localhost:8054",
"caName": "ca-org2",
"httpOptions": {
"verify": false
}
}
}
}
如您所见,此文件具有网络每个对等方的连接端点。如果要在网络中启用TLS,则还需要在此处提供TLS-CA证书。该证书进入json的“ tlsCACerts”部分。
因此,考虑您的问题,byfn-network.json应该是您的连接配置文件。而当您运行以下命令时:
awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt > /tmp/composer/org1/ca-org1.txt
它将复制peer0.org1的tls-ca证书并将其粘贴到/tmp/composer/org1/ca-org1.txt的文本文件中。
您需要复制此文本文件的内容,并将其粘贴到byfn-network.json文件的“ tlsCACerts”部分。
有一个相当全面的教程。您可以找到参考文献here。