无法验证超级账本节点SDK中的第一个证书?

时间:2019-03-19 06:16:58

标签: node.js hyperledger-fabric hyperledger

我正在将Hyperledger节点sdk与启用了TLS的tunning区块链网络集成在一起。我能够成功调用查询链码。我能够成功注册管理员。但是,当我注册用户时,出现以下错误。

Failed to register user "user1": Error: Calling register endpoint failed with error [Error: unable to verify the first certificate]

下面是我的connection.js

{
    "name": "byfn",
    "version": "1.0.0",
    "client": {
        "organization": "org1",
        "credentialStore": {
            "path": "./wallet",
            "cryptoStore": {
              "path": "./wallet"
            }
          }
    },
    "channels": {
        "foundational": {
            "orderers": [
                "orderer0.orgledger.com",
                "orderer1.orgledger.com"
            ],
            "peers": {
                "peer0.org1.orgledger.com": {
                    "endorsingPeer": true,
                    "chaincodeQuery": true,
                    "ledgerQuery": true,
                    "eventSource": true
                },
                "peer0.org2.orgledger.com": {
                    "endorsingPeer": false,
                    "chaincodeQuery": true,
                    "ledgerQuery": true,
                    "eventSource": true
                },
                "peer0.org3.orgledger.com": {
                    "endorsingPeer": false,
                    "chaincodeQuery": true,
                    "ledgerQuery": true,
                    "eventSource": true
                }
            }
        }
    },
    "organizations": {
        "org1": {
            "mspid": "org1MSP",
            "peers": [
                "peer0.org1.orgledger.com"
            ],
            "certificateAuthorities": [
                "ca.orgledger.com"
            ],
            "adminorg3Key": {
                "path": "../crypto-config/peerOrganizations/org1.orgledger.com/users/Admin@org1.orgledger.com/msp/keystore/3442d5a33729209d7c33b00b53f57ef09d9e24b592eb8f0b48d1077db2e0d4a6_sk"
            },
            "signedCert": {
                "path" : "../crypto-config/peerOrganizations/org1.orgledger.com/users/Admin@org1.orgledger.com/msp/signcerts/Admin@org1.orgledger.com-cert.pem"
            }
        },
        "org2": {
            "mspid": "org2MSP",
            "peers": [
                "peer0.org2.orgledger.com"
            ],
            "certificateAuthorities": [
                "ca.orgledger.com"       

            ],
            "adminorg3Key": {
                "path": "../crypto-config/peerOrganizations/org2.orgledger.com/users/Admin@org2.orgledger.com/msp/keystore/a0c574a2ef9054ed22905458e68e74185ada86446c9a39faa223fff43f05d4e1_sk"
            },
            "signedCert": {
                "path" : "../crypto-config/peerOrganizations/org2.orgledger.com/users/Admin@org2.orgledger.com/msp/signcerts/Admin@org2.orgledger.com-cert.pem"
            }

        },
        "org3": {
            "mspid": "org3MSP",
            "peers": [
                "peer0.org3.orgledger.com"
            ],
            "certificateAuthorities": [
                "ca.orgledger.com"
            ],
            "adminorg3Key": {
                "path": "../crypto-config/peerOrganizations/org3.orgledger.com/users/Admin@org3.orgledger.com/msp/keystore/afef5529f601bde779b12306aaeb497d9a400f13240d9d2ec4245caa2765cb88_sk"
            },
            "signedCert": {
                "path" : "../crypto-config/peerOrganizations/org3.orgledger.com/users/Admin@org3.orgledger.com/msp/signcerts/Admin@org3.orgledger.com-cert.pem"
            }
        }
    },
    "orderers": {
        "orderer0.orgledger.com": {
            "url": "grpcs://localhost:22050",
            "grpcOptions":{
                "ssl-target-name-override": "orderer0.orgledger.com",
                "grpc.keepalive_timeout_ms": 15
            },

          "tlsCACerts": {
            "path": "../crypto-config/ordererOrganizations/orgledger.com/orderers/orderer0.orgledger.com/msp/tlscacerts/tlsca.orgledger.com-cert.pem"
          }
        },
        "orderer1.orgledger.com": {
            "url": "grpcs://localhost:23050",
            "grpcOptions":{
                "ssl-target-name-override": "orderer1.orgledger.com",
                "grpc.keepalive_timeout_ms": 15
            },

          "tlsCACerts": {
            "path": "../crypto-config/ordererOrganizations/orgledger.com/orderers/orderer1.orgledger.com/msp/tlscacerts/tlsca.orgledger.com-cert.pem"
          }
        }

    },
    "peers": {
        "peer0.org1.orgledger.com": {
            "url": "grpcs://localhost:7051",
            "eventUrl": "grpcs://localhost:7053",
            "grpcOptions":{
                "ssl-target-name-override": "peer0.org1.orgledger.com",
                "grpc.keepalive_time_ms": 600000
            },

          "tlsCACerts": {
            "path": "../crypto-config/peerOrganizations/org1.orgledger.com/tlsca/tlsca.org1.orgledger.com-cert.pem"
          }
        },
        "peer0.org2.orgledger.com": {
            "url": "grpcs://localhost:8051",
            "eventUrl": "grpcs://localhost:8053",
            "grpcOptions":{
                "ssl-target-name-override": "peer0.org2.orgledger.com",
                "grpc.keepalive_time_ms": 600000
            },

          "tlsCACerts": {
            "path": "../crypto-config/peerOrganizations/org2.orgledger.com/tlsca/tlsca.org2.orgledger.com-cert.pem"
          }
        },
        "peer0.org3.orgledger.com": {
            "url": "grpcs://localhost:9051",
            "eventUrl": "grpcs://localhost:9053",
            "grpcOptions":{
                "ssl-target-name-override": "peer0.org3.orgledger.com",
                "grpc.keepalive_time_ms": 600000
            },

          "tlsCACerts": {
            "path": "../crypto-config/peerOrganizations/org3.orgledger.com/tlsca/tlsca.org3.orgledger.com-cert.pem"
          }
        }
    },
    "certificateAuthorities": {
        "ca.orgledger.com": {
            "url": "https://localhost:7054",
            "caName": "ca.orgledger.com"
        },
        "httpOptions": {
            "verify": false
        },
        "tlsCACerts": {
            "path": "../crypto-config/peerOrganizations/org1.orgledger.com/ca/ca.org1.orgledger.com-cert.pem"
        },
        "registrar": [
            {
                "enrollId": "admin",
                "enrollSecret": "adminpw"
            }
        ]
    }
}

1 个答案:

答案 0 :(得分:0)

certificatAuthorities的选项放置在错误的位置,请尝试以下方式:

...
"certificateAuthorities": {
    "ca.orgledger.com": {
        "url": "https://localhost:7054",
        "caName": "ca.orgledger.com",        
        "httpOptions": {
            "verify": false
        },
        "tlsCACerts": {
            "path": "../crypto-config/peerOrganizations/org1.orgledger.com/ca/ca.org1.orgledger.com-cert.pem"
        },
        "registrar": [
            {
                "enrollId": "admin",
                "enrollSecret": "adminpw"
            }
        ]
    }