错误:[JoinChain] [mychannel]的访问被拒绝:[验证提议的创建者失败,但其满足MSP策略[Admins]:[此身份不是管理员]]

时间:2019-02-26 06:33:35

标签: hyperledger-fabric hyperledger hyperledger-fabric-ca hyperledger-fabric-sdk-js

joinChannel.js出现以下错误:

Successfully loaded peeradmin from persistence
{ block:
   { header:
      { number: [Object],
        previous_hash: [Object],
        data_hash: [Object] },
     data: { data: [Array] },
     metadata: { metadata: [Array] } } }
error: [client-utils.js]: sendPeersProposal - Promise is rejected: Error: access denied for [JoinChain][mychannel]: [Failed verifying that proposal's creator satisfies local MSP principal during channelless check policy with policy [Admins]: [This identity is not an admin]]
not good

是的,错误在抱怨什么呢?我在查明是对等管理员私钥,对等管理员证书,对等tls证书还是其他配置时遇到麻烦。我取得了对等管理员证书,并将其添加到IBP仪表板,并执行了“同步证书”。需要进行哪些检查以确保我确实为管理员指定了正确的凭据?

var Fabric_Client = require('fabric-client');
var path = require('path');
var fs = require('fs');

var fabric_client = new Fabric_Client();

var ordererTLSCert = fs.readFileSync('./orderercert.pem');

var peerAdminKey = Buffer.from(fs.readFileSync('./keystore-1.pem')).toString();
// var peerAdminCert =  Buffer.from(fs.readFileSync('./admincert-1.pem')).toString()
var peerAdminCert = Buffer.from(fs.readFileSync('./signcert-1.pem')).toString();

fabric_client.setAdminSigningIdentity(peerAdminKey, peerAdminCert, 'org2');

var channel = fabric_client.newChannel('mychannel');
var peer = fabric_client.newPeer('grpcs://169.xx.xx.xx:xxxxx', {
  pem: peerTlsCert,
  'ssl-target-name-override': null,
});
var orderer = fabric_client.newOrderer(
  'grpcs://nfxxx-orderer.us08.blockchain.ibm.com:xxxxx',
  {
    pem: Buffer.from(ordererTLSCert).toString(),
    'ssl-target-name-override': null,
  }
);

channel.addPeer(peer);
channel.addOrderer(orderer);

var tx_id = null;

tx_id = fabric_client.newTransactionID(true);
let g_request = {
  txId: tx_id,
  // orderer,
};
channel
  .getGenesisBlock(g_request)
  .then(block => {
    console.log({ block });
    tx_id = fabric_client.newTransactionID(true);
    let j_request = {
      targets: peer,
      block,
      txId: tx_id,
    };
    return channel.joinChannel(j_request, 30000);
  })
  .then(results => {
    console.log(results);
    if (results && results[0].response && results[0].response.status == 200) {
      // good
      console.log('good');
    } else {
      console.log('not good');
      // not good
    }
  })
  .catch(err => {
    console.error(err);
  });

2 个答案:

答案 0 :(得分:1)

将对等方加入频道后,需要使用对等方本地管理员对交易进行签名。本地管理员由位于对等方msp/admincerts文件夹中的证书标识。

答案 1 :(得分:0)

尝试一下:

 tx_id = fabric_client.newTransactionID(true);

您需要管理员权限才能创建或加入频道

相关问题
最新问题