我需要了解Hyperledger架构和架构CA
1. How to create the orderer and peer certificate and key pair using fabric-ca
2. How to query the affiliation and CA name using fabric, do we need to write chain code and query them, or can I query them without using chain code through fabric node js.
3. I see Domain in crypto-config file. Do I need run any domain service or need to buy some domain name. If I am using fabric ca is there anything equivalent to a cryoto-config domain?
4. Is it possible to update the member details once it's created? If it's possible, if I change the password of the member or affiliation of the member does the certificate will get reflect to?
答案 0 :(得分:1)
通过注册实体,注册MSP和TLS配置文件以及在文件夹之间复制丢失的内容。如果需要,请制作自己的脚本。 https://hyperledger-fabric-ca.readthedocs.io/en/release-1.4/users-guide.html#fabric-ca-client https://hyperledger-fabric-ca.readthedocs.io/en/latest/clientcli.html
https://fabric-sdk-node.github.io/release-1.4/FabricCAServices.html https://godoc.org/github.com/hyperledger/fabric-sdk-go/pkg/client/msp
正如您应该看到的,crypto-config中的该域用于复合对等域和订购者域/名称。与往常一样,您可以购买域名,使用docker内部名称服务或根据需要直接使用IP地址。如果正确配置,一切正常。请注意,TLS证书包括CN或SAN字段中使用的域名或IP(--csr.hosts中的fabric-ca-client参数)。
您可以编辑身份,注册反映这些更改的新证书,并在需要时使用它们更新节点。请注意,admin文件夹中的证书定义了哪些证书被识别为admin(admin角色是每个证书,而不是每个身份),因此重新注册admin证书可能很麻烦。