我是Hyperledger fabric的新手,我正在使用hyperledger fabric ca服务器注册管理员,用户,对等方。我对此毫不怀疑
1. when i create the admin, using fabric-ca-client start --id admin:adminpw its create the config file and msp folder in home directory, does msp contain the private key of admin.
2. if msp contain the private key, when we host the fabric-server into live do we still keep the msp folder in live/production,does the private key will be exposed. how its works.
请有人帮我澄清我的疑问。
答案 0 :(得分:1)
1)当您使用fabric-ca-client注册(<!-- animsition.css -->
<link rel="stylesheet" href="https://unpkg.com/animsition@latest/dist/css/animsition.min.css">
<!-- jQuery -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script>
<!-- animsition.js -->
<script src="https://unpkg.com/animsition@latest/dist/js/animsition.min.js"></script>
<h1>This is a test page</h1>
<div class="animsition-layer" data-animsition-overlay="true">
<a href="#" class="animsition-link btn" data-animsition-out-class="overlay-slide-out-left bg-red" data-animsition-out-duration="300">
Button
</a>
</div>
<p>How to transfer the "style media="screen" { .bg-red{background: red} }" from my HTML sample to my CSS file ?
</p>
时,它将在fabric-ca-client enroll
目录中创建私钥。
2)如果不想在文件系统上公开私钥,则可以通过PKCS11将私钥存储在HSM(硬件安全模块)中。有关更多详细信息,请参见https://hyperledger-fabric-ca.readthedocs.io/en/release-1.4/users-guide.html?highlight=pkcs11#hsm。如果您无权访问HSM,则应至少对文件系统进行加密(如果在云中运行),并确保将用于启动架构进程的用户的文件权限设置为map/keystore