在尝试在启用了tls的vm上部署Hyperledger Fabric 1.2网络时,我遇到以下错误。如果未启用tls,则可以正常运行。
订购者的日志
2019-02-06 07:21:48.629 UTC [grpc] Printf-> DEBU 32c grpc: Server.Serve无法从以下位置完成安全握手 “ 172.28.0.1:60654”:远程错误:tls:证书错误2019-02-06 07:21:49.631 UTC [grpc] Printf-> DEBU 32d grpc:Server.Serve失败 从“ 172.28.0.1:60658”完成安全握手:远程错误: tls:证书错误2019-02-06 07:21:51.242 UTC [grpc] Printf-> DEBU 32e grpc:Server.Serve无法从以下位置完成安全握手 “ 172.28.0.1:60662”:远程错误:tls:证书错误
同行的日志
2019-02-06 07:05:39.616 UTC [deliveryClient]尝试-> WARN 048得到了 错误:无法连接到任何端点:[10.200.10.97:7050] ,尝试7次。 1m4s重试2019-02-06 07:06:46.619 UTC [ConnProducer] NewConnection-> ERRO 049无法连接到 10.200.10.97:7050,错误:上下文截止日期已超出2019-02-06 07:06:46.619 UTC [deliveryClient] connect-> ERRO 04a无法获取 连接:无法连接到任何端点: [10.200.10.97:7050] 2019-02-06 07:06:46.619 UTC [deliveryClient]尝试 -> WARN 04b出现错误:尝试尝试8次时无法连接到任何端点:[10.200.10.97:7050]。 2m8s重试2019-02-06 07:08:57.622 UTC [ConnProducer] NewConnection-> ERRO 04c失败 正在连接到10.200.10.97:7050,错误:超出了上下文期限 2019-02-06 07:08:57.622 UTC [deliveryClient]连接-> ERRO 04d 无法获得连接:无法连接到任何 端点:[10.200.10.97:7050] 2019-02-06 07:08:57.622 UTC [deliveryClient]尝试-> WARN 04e出现错误:无法连接到任何 端点数:[10.200.10.97:7050],尝试9次。重试中 4m16s 2019-02-06 07:13:16.625 UTC [ConnProducer] NewConnection-> ERRO 04f连接到10.200.10.97:7050失败,错误:上下文 截止日期已超过2019-02-06 07:13:16.625 UTC [deliveryClient] 连接-> ERRO 050无法获得连接:无法连接 任何端点:[10.200.10.97:7050] 2019-02-06 07:13:16.625 UTC [deliveryClient]尝试-> WARN 051得到错误:无法连接到任何 端点数量:[10.200.10.97:7050],尝试10次。重试中 8m32s 2019-02-06 07:21:51.628 UTC [ConnProducer] NewConnection-> ERRO 052无法连接到10.200.10.97:7050,错误:上下文 截止日期已超过2019-02-06 07:21:51.628 UTC [deliveryClient] 连接-> ERRO 053无法获得连接:无法连接 任何端点:[10.200.10.97:7050] 2019-02-06 07:21:51.628 UTC [deliveryClient]尝试-> WARN 054得到错误:无法连接到任何 端点数:[10.200.10.97:7050],尝试11次。重试中 17平方米
我看过针对类似错误提供的解决方案,但似乎无济于事。
以下是我的docker compose文件。
version: '2'
services: ca.org1.example.com:
image: hyperledger/fabric-ca:1.2.1
environment:
- FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
- FABRIC_CA_SERVER_CA_NAME=ca.org1.example.com
- FABRIC_CA_SERVER_TLS_ENABLED=true
- FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-tls/tlsca.org1.example.com-cert.pem
- FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-tls/0cb4817b6da79bc68fad2fa8ce4f87589e30f42bf942e05000743da51177c9c1_sk
ports:
- "7054:7054"
command: sh -c 'fabric-ca-server start -b admin:adminpw -d --ca.certfile /etc/hyperledger/fabric-ca-server-config/ca.org1.example.com-cert.pem
--ca.keyfile /etc/hyperledger/fabric-ca-server-config/7500db7dc4fa2cd8be9c4808e24d1e0aa9afc96e046e6b8f91c570823dfbd787_sk'
volumes:
- ./crypto-config/peerOrganizations/org1.example.com/ca/:/etc/hyperledger/fabric-ca-server-config
- ./crypto-config/peerOrganizations/org1.example.com/tlsca/:/etc/hyperledger/fabric-ca-server-tls
container_name: ca.org1.example.com
orderer.example.com:
container_name: orderer.example.com
image: hyperledger/fabric-orderer:1.2.1
environment:
- ORDERER_GENERAL_LOGLEVEL=debug
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_LISTENPORT=7050
- CONFIGTX_ORDERER_ADDRESSES=[127.0.0.1:7050]
- ORDERER_HOST=orderer.example.com
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/etc/hyperledger/configtx/composer-genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/etc/hyperledger/msp/orderer/msp
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/etc/hyperledger/msp/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/etc/hyperledger/msp/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/etc/hyperledger/msp/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: orderer
ports:
- 7050:7050
volumes:
- ./:/etc/hyperledger/configtx
- ./crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/:/etc/hyperledger/msp/orderer
peer0.org1.example.com:
container_name: peer0.org1.example.com
image: hyperledger/fabric-peer:1.2.1
extra_hosts:
- "orderer.example.com:10.200.10.97"
environment:
- CORE_LOGGING_PEER=debug
- CORE_CHAINCODE_LOGGING_LEVEL=DEBUG
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_PEER_ID=peer0.org1.example.com
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=composer_default
- CORE_PEER_NETWORKID=composer_default
- CORE_PEER_LOCALMSPID=Org1MSP
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/peer/msp
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/peer/tls/server.key
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/peer/tls/server.crt
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/peer/tls/ca.crt
- CORE_LEDGER_STATE_STATEDATABASE=CouchDB
- CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb.org1.example.com:5984
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: peer node start
ports:
- 7051:7051
- 7053:7053
volumes:
- /var/run/:/host/var/run/
- ./:/etc/hyperledger/configtx
- ./crypto-config/peerOrganizations/org1.example.com/users:/etc/hyperledger/msp/users
- ./crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls:/etc/hyperledger/orderer/tls
- ./crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp:/etc/hyperledger/peer/msp
- ./crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls:/etc/hyperledger/peer/tls
depends_on:
- orderer.example.com
- couchdb.org1.example.com
couchdb.org1.example.com:
container_name: couchdb.org1.example.com
image: hyperledger/fabric-couchdb:0.4.10
ports:
- 5984:5984
environment:
DB_URL: http://localhost:5984/member_db