当我尝试创建频道时,出现如下错误:
implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Writers' sub-policies to be satisfied: permission denied
如错误消息所述,似乎我使用错误的身份对交易进行签名以创建通道。但是,我找不到关于频道配置或身份注册和注册的任何错误。
我对组织的渠道配置是:
Organizations:
- &BPLOrg
Name: BPLMSP
ID: BPLMSP
MSPDir: artifacts/crypto/org-msp
Policies:
Readers:
Type: Signature
Rule: "OR('BPLMSP.admin', 'BPLMSP.peer', 'BPLMSP.client')"
Writers:
Type: Signature
Rule: "OR('BPLMSP.admin', 'BPLMSP.client')"
Admins:
Type: Signature
Rule: "OR('BPLMSP.admin')"
因此,根据配置,admin类型标识可以对事务进行签名以创建通道。
我的admin类型身份已经被注册并注册,如下所示:
fabric-ca-client register -d --id.name $ADMIN_ID --id.secret $ADMIN_PW --id.type admin -u https://$CA_ADMIN_ID:$CA_ADMIN_PW@$CA_NODE:7054
fabric-ca-client enroll -d --csr.names $CSR -u https://$ADMIN_ID:$ADMIN_PW@$CA_NODE:7054
使用参数--id.type admin对注册和注册进行了很好的处理,为了签署交易以创建渠道,我使用了从该注册获得的密钥。
我可以从哪里开始投资此错误?任何想法都将非常有帮助。谢谢!
-
-
[编辑] 我添加了订购者的日志。
2019-12-28 05:56:55.689 UTC [localconfig] completeInitialization -> INFO 001 Kafka.Version unset, setting to 0.10.2.0
2019-12-28 05:56:55.718 UTC [orderer.common.server] prettyPrintStruct -> INFO 002 Orderer config values:
General.LedgerType = "file"
General.ListenAddress = "0.0.0.0"
General.ListenPort = 7050
General.TLS.Enabled = true
General.TLS.PrivateKey = "/artifacts/tls/keystore/key.pem"
General.TLS.Certificate = "/artifacts/tls/signcerts/cert.pem"
General.TLS.RootCAs = [/artifacts/tls/tlscacerts/ca-cert.pem]
General.TLS.ClientAuthRequired = false
General.TLS.ClientRootCAs = []
General.Cluster.ListenAddress = ""
General.Cluster.ListenPort = 0
General.Cluster.ServerCertificate = ""
General.Cluster.ServerPrivateKey = ""
General.Cluster.ClientCertificate = "/artifacts/tls/signcerts/cert.pem"
General.Cluster.ClientPrivateKey = "/artifacts/tls/keystore/key.pem"
General.Cluster.RootCAs = [/artifacts/tls/tlscacerts/ca-cert.pem]
General.Cluster.DialTimeout = 5s
General.Cluster.RPCTimeout = 7s
General.Cluster.ReplicationBufferSize = 20971520
General.Cluster.ReplicationPullTimeout = 5s
General.Cluster.ReplicationRetryTimeout = 5s
General.Cluster.ReplicationBackgroundRefreshInterval = 5m0s
General.Cluster.ReplicationMaxRetries = 12
General.Cluster.SendBufferSize = 10
General.Cluster.CertExpirationWarningThreshold = 168h0m0s
General.Cluster.TLSHandshakeTimeShift = 0s
General.Keepalive.ServerMinInterval = 1m0s
General.Keepalive.ServerInterval = 2h0m0s
General.Keepalive.ServerTimeout = 20s
General.ConnectionTimeout = 0s
General.GenesisMethod = "file"
General.GenesisProfile = "SampleInsecureSolo"
General.SystemChannel = "test-system-channel-name"
General.GenesisFile = "/artifacts/genesis.block"
General.Profile.Enabled = false
General.Profile.Address = "0.0.0.0:6060"
General.LocalMSPDir = "/artifacts/msp"
General.LocalMSPID = "BPLMSP"
General.BCCSP.ProviderName = "SW"
General.BCCSP.SwOpts.SecLevel = 256
General.BCCSP.SwOpts.HashFamily = "SHA2"
General.BCCSP.SwOpts.Ephemeral = false
General.BCCSP.SwOpts.FileKeystore.KeyStorePath = "/artifacts/msp/keystore"
General.BCCSP.SwOpts.DummyKeystore =
General.BCCSP.SwOpts.InmemKeystore =
General.BCCSP.PluginOpts =
General.Authentication.TimeWindow = 15m0s
General.Authentication.NoExpirationChecks = false
FileLedger.Location = "/var/hyperledger/production/orderer"
FileLedger.Prefix = "hyperledger-fabric-ordererledger"
RAMLedger.HistorySize = 1000
Kafka.Retry.ShortInterval = 5s
Kafka.Retry.ShortTotal = 10m0s
Kafka.Retry.LongInterval = 5m0s
Kafka.Retry.LongTotal = 12h0m0s
Kafka.Retry.NetworkTimeouts.DialTimeout = 10s
Kafka.Retry.NetworkTimeouts.ReadTimeout = 10s
Kafka.Retry.NetworkTimeouts.WriteTimeout = 10s
Kafka.Retry.Metadata.RetryMax = 3
Kafka.Retry.Metadata.RetryBackoff = 250ms
Kafka.Retry.Producer.RetryMax = 3
Kafka.Retry.Producer.RetryBackoff = 100ms
Kafka.Retry.Consumer.RetryBackoff = 2s
Kafka.Verbose = true
Kafka.Version = 0.10.2.0
Kafka.TLS.Enabled = false
Kafka.TLS.PrivateKey = ""
Kafka.TLS.Certificate = ""
Kafka.TLS.RootCAs = []
Kafka.TLS.ClientAuthRequired = false
Kafka.TLS.ClientRootCAs = []
Kafka.SASLPlain.Enabled = false
Kafka.SASLPlain.User = ""
Kafka.SASLPlain.Password = ""
Kafka.Topic.ReplicationFactor = 1
Debug.BroadcastTraceDir = ""
Debug.DeliverTraceDir = ""
Consensus = map[SnapDir:/var/hyperledger/production/orderer/etcdraft/snapshot WALDir:/var/hyperledger/production/orderer/etcdraft/wal]
Operations.ListenAddress = "orderer0.bpl:8443"
Operations.TLS.Enabled = false
Operations.TLS.PrivateKey = ""
Operations.TLS.Certificate = ""
Operations.TLS.RootCAs = []
Operations.TLS.ClientAuthRequired = false
Operations.TLS.ClientRootCAs = []
Metrics.Provider = "disabled"
Metrics.Statsd.Network = "udp"
Metrics.Statsd.Address = "127.0.0.1:8125"
Metrics.Statsd.WriteInterval = 30s
Metrics.Statsd.Prefix = ""
2019-12-28 05:56:55.790 UTC [orderer.common.server] extractSysChanLastConfig -> INFO 003 Bootstrapping because no existing channels
2019-12-28 05:56:55.813 UTC [orderer.common.server] initializeServerConfig -> INFO 004 Starting orderer with TLS enabled
2019-12-28 05:56:55.813 UTC [orderer.common.server] configureClusterListener -> INFO 005 Cluster listener is not configured, defaulting to use the general listener on port 7050
2019-12-28 05:56:55.820 UTC [fsblkstorage] newBlockfileMgr -> INFO 006 Getting block information from block storage
2019-12-28 05:56:55.836 UTC [orderer.consensus.etcdraft] HandleChain -> INFO 007 EvictionSuspicion not set, defaulting to 10m0s
2019-12-28 05:56:55.842 UTC [orderer.consensus.etcdraft] createOrReadWAL -> INFO 008 No WAL data found, creating new WAL at path '/var/hyperledger/production/orderer/etcdraft/wal/trust-chain-system-channel' channel=trust-chain-system-channel node=1
2019-12-28 05:56:55.866 UTC [orderer.commmon.multichannel] Initialize -> INFO 009 Starting system channel 'trust-chain-system-channel' with genesis block hash 43e31dcb085730c17b70777c05983ade72df5b137da3ffeaa4e1f5c187b9c3d9 and orderer type etcdraft
2019-12-28 05:56:55.866 UTC [orderer.consensus.etcdraft] Start -> INFO 00a Starting Raft node channel=trust-chain-system-channel node=1
2019-12-28 05:56:55.866 UTC [orderer.common.cluster] Configure -> INFO 00b Entering, channel: trust-chain-system-channel, nodes: [ID: 2,
Endpoint: orderer1.bpl:7050,
ServerTLSCert:-----BEGIN CERTIFICATE-----
MIIC2zCCAoKgAwIBAgIUOerWLLNwC5CYnqRuSFx3jDehZFEwCgYIKoZIzj0EAwIw
VjELMAkGA1UEBhMCS1IxEDAOBgNVBAgTB0RhZWplb24xFzAVBgNVBAoTDmJpZ3Bp
Y3R1cmVsYWJzMQswCQYDVQQLEwJjYTEPMA0GA1UEAxMGY2EtYnBsMB4XDTE5MTIy
ODA1MzgwMFoXDTIwMTIyNzA1NDMwMFowfDELMAkGA1UEBhMCS1IxEDAOBgNVBAgT
B0RhZWplb24xFzAVBgNVBAoTDmJpZ3BpY3R1cmVsYWJzMSswDgYDVQQLEwdvcmRl
cmVyMAoGA1UECxMDYnBsMA0GA1UECxMGZmFicmljMRUwEwYDVQQDEwxvcmRlcmVy
MS5icGwwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASkTScK+zOyx1DuzACYmUKD
ttq/NUORM1+aPm8Bp43hFrKhqeS5aZ9eA9+HWBO7B95W3YqPxkw68HAKYcpPIsIs
o4IBBjCCAQIwDgYDVR0PAQH/BAQDAgOoMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSHs7V8NpqyYzHpjAQr1euf
p9LJ6TAfBgNVHSMEGDAWgBQUQCH0Jo1n+EwtZOMd6qwL4gDAZjAXBgNVHREEEDAO
ggxvcmRlcmVyMS5icGwwagYIKgMEBQYHCAEEXnsiYXR0cnMiOnsiaGYuQWZmaWxp
YXRpb24iOiJicGwuZmFicmljIiwiaGYuRW5yb2xsbWVudElEIjoib3JkZXJlcjEu
YnBsIiwiaGYuVHlwZSI6Im9yZGVyZXIifX0wCgYIKoZIzj0EAwIDRwAwRAIgJzms
QawGjZDPH6kIIYrmB58eKZvCEB+csUD0BB/PfNUCIBuKfw8XhYS8WBih/ddU8NyV
9OuM5QWsOp2/nr5i76lh
-----END CERTIFICATE-----
, ClientTLSCert:-----BEGIN CERTIFICATE-----
MIIC2zCCAoKgAwIBAgIUOerWLLNwC5CYnqRuSFx3jDehZFEwCgYIKoZIzj0EAwIw
VjELMAkGA1UEBhMCS1IxEDAOBgNVBAgTB0RhZWplb24xFzAVBgNVBAoTDmJpZ3Bp
Y3R1cmVsYWJzMQswCQYDVQQLEwJjYTEPMA0GA1UEAxMGY2EtYnBsMB4XDTE5MTIy
ODA1MzgwMFoXDTIwMTIyNzA1NDMwMFowfDELMAkGA1UEBhMCS1IxEDAOBgNVBAgT
B0RhZWplb24xFzAVBgNVBAoTDmJpZ3BpY3R1cmVsYWJzMSswDgYDVQQLEwdvcmRl
cmVyMAoGA1UECxMDYnBsMA0GA1UECxMGZmFicmljMRUwEwYDVQQDEwxvcmRlcmVy
MS5icGwwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASkTScK+zOyx1DuzACYmUKD
ttq/NUORM1+aPm8Bp43hFrKhqeS5aZ9eA9+HWBO7B95W3YqPxkw68HAKYcpPIsIs
o4IBBjCCAQIwDgYDVR0PAQH/BAQDAgOoMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSHs7V8NpqyYzHpjAQr1euf
p9LJ6TAfBgNVHSMEGDAWgBQUQCH0Jo1n+EwtZOMd6qwL4gDAZjAXBgNVHREEEDAO
ggxvcmRlcmVyMS5icGwwagYIKgMEBQYHCAEEXnsiYXR0cnMiOnsiaGYuQWZmaWxp
YXRpb24iOiJicGwuZmFicmljIiwiaGYuRW5yb2xsbWVudElEIjoib3JkZXJlcjEu
YnBsIiwiaGYuVHlwZSI6Im9yZGVyZXIifX0wCgYIKoZIzj0EAwIDRwAwRAIgJzms
QawGjZDPH6kIIYrmB58eKZvCEB+csUD0BB/PfNUCIBuKfw8XhYS8WBih/ddU8NyV
9OuM5QWsOp2/nr5i76lh
-----END CERTIFICATE-----
ID: 3,
Endpoint: orderer2.bpl:7050,
ServerTLSCert:-----BEGIN CERTIFICATE-----
MIIC3DCCAoKgAwIBAgIUTIRaoY38ylFYlyo5UPJaHO8UyL4wCgYIKoZIzj0EAwIw
VjELMAkGA1UEBhMCS1IxEDAOBgNVBAgTB0RhZWplb24xFzAVBgNVBAoTDmJpZ3Bp
Y3R1cmVsYWJzMQswCQYDVQQLEwJjYTEPMA0GA1UEAxMGY2EtYnBsMB4XDTE5MTIy
ODA1MzgwMFoXDTIwMTIyNzA1NDMwMFowfDELMAkGA1UEBhMCS1IxEDAOBgNVBAgT
B0RhZWplb24xFzAVBgNVBAoTDmJpZ3BpY3R1cmVsYWJzMSswDgYDVQQLEwdvcmRl
cmVyMAoGA1UECxMDYnBsMA0GA1UECxMGZmFicmljMRUwEwYDVQQDEwxvcmRlcmVy
Mi5icGwwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATD3raCU1OC0dmGpiFKixuZ
cYV/ikGwxNBdVGkdOU01ROZWHUpSzlYFq0i5Mq4JGLtcJuIdjCYIZ+MkEsTNbnpL
o4IBBjCCAQIwDgYDVR0PAQH/BAQDAgOoMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRVXLrZSEK8x4DPkawYGaNM
SO3DCTAfBgNVHSMEGDAWgBQUQCH0Jo1n+EwtZOMd6qwL4gDAZjAXBgNVHREEEDAO
ggxvcmRlcmVyMi5icGwwagYIKgMEBQYHCAEEXnsiYXR0cnMiOnsiaGYuQWZmaWxp
YXRpb24iOiJicGwuZmFicmljIiwiaGYuRW5yb2xsbWVudElEIjoib3JkZXJlcjIu
YnBsIiwiaGYuVHlwZSI6Im9yZGVyZXIifX0wCgYIKoZIzj0EAwIDSAAwRQIhALqM
SUA0+Aewypl30NF/C2Y0DdFQTw9/LF2XnWZZ/rCmAiAxNf2eoimI49XyL0DrAM0k
+HahGiLAK/F4GhTBv8Ct+A==
-----END CERTIFICATE-----
, ClientTLSCert:-----BEGIN CERTIFICATE-----
MIIC3DCCAoKgAwIBAgIUTIRaoY38ylFYlyo5UPJaHO8UyL4wCgYIKoZIzj0EAwIw
VjELMAkGA1UEBhMCS1IxEDAOBgNVBAgTB0RhZWplb24xFzAVBgNVBAoTDmJpZ3Bp
Y3R1cmVsYWJzMQswCQYDVQQLEwJjYTEPMA0GA1UEAxMGY2EtYnBsMB4XDTE5MTIy
ODA1MzgwMFoXDTIwMTIyNzA1NDMwMFowfDELMAkGA1UEBhMCS1IxEDAOBgNVBAgT
B0RhZWplb24xFzAVBgNVBAoTDmJpZ3BpY3R1cmVsYWJzMSswDgYDVQQLEwdvcmRl
cmVyMAoGA1UECxMDYnBsMA0GA1UECxMGZmFicmljMRUwEwYDVQQDEwxvcmRlcmVy
Mi5icGwwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATD3raCU1OC0dmGpiFKixuZ
cYV/ikGwxNBdVGkdOU01ROZWHUpSzlYFq0i5Mq4JGLtcJuIdjCYIZ+MkEsTNbnpL
o4IBBjCCAQIwDgYDVR0PAQH/BAQDAgOoMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRVXLrZSEK8x4DPkawYGaNM
SO3DCTAfBgNVHSMEGDAWgBQUQCH0Jo1n+EwtZOMd6qwL4gDAZjAXBgNVHREEEDAO
ggxvcmRlcmVyMi5icGwwagYIKgMEBQYHCAEEXnsiYXR0cnMiOnsiaGYuQWZmaWxp
YXRpb24iOiJicGwuZmFicmljIiwiaGYuRW5yb2xsbWVudElEIjoib3JkZXJlcjIu
YnBsIiwiaGYuVHlwZSI6Im9yZGVyZXIifX0wCgYIKoZIzj0EAwIDSAAwRQIhALqM
SUA0+Aewypl30NF/C2Y0DdFQTw9/LF2XnWZZ/rCmAiAxNf2eoimI49XyL0DrAM0k
+HahGiLAK/F4GhTBv8Ct+A==
-----END CERTIFICATE-----
]
2019-12-28 05:56:55.867 UTC [orderer.common.cluster] updateStubInMapping -> INFO 00c Allocating a new stub for node 2 with endpoint of orderer1.bpl:7050 for channel trust-chain-system-channel
2019-12-28 05:56:55.867 UTC [orderer.common.cluster] updateStubInMapping -> INFO 00d Deactivating node 2 in channel trust-chain-system-channel with endpoint of orderer1.bpl:7050 due to TLS certificate change
2019-12-28 05:56:55.867 UTC [orderer.common.cluster] updateStubInMapping -> INFO 00e Allocating a new stub for node 3 with endpoint of orderer2.bpl:7050 for channel trust-chain-system-channel
2019-12-28 05:56:55.867 UTC [orderer.common.cluster] updateStubInMapping -> INFO 00f Deactivating node 3 in channel trust-chain-system-channel with endpoint of orderer2.bpl:7050 due to TLS certificate change
2019-12-28 05:56:55.868 UTC [orderer.common.cluster] applyMembershipConfig -> INFO 010 2 exists in both old and new membership for channel trust-chain-system-channel , skipping its deactivation
2019-12-28 05:56:55.868 UTC [orderer.common.cluster] applyMembershipConfig -> INFO 011 3 exists in both old and new membership for channel trust-chain-system-channel , skipping its deactivation
2019-12-28 05:56:55.868 UTC [orderer.common.cluster] Configure -> INFO 012 Exiting
2019-12-28 05:56:55.868 UTC [orderer.consensus.etcdraft] start -> INFO 013 Starting raft node as part of a new channel channel=trust-chain-system-channel node=1
2019-12-28 05:56:55.868 UTC [orderer.consensus.etcdraft] becomeFollower -> INFO 014 1 became follower at term 0 channel=trust-chain-system-channel node=1
2019-12-28 05:56:55.868 UTC [orderer.consensus.etcdraft] newRaft -> INFO 015 newRaft 1 [peers: [], term: 0, commit: 0, applied: 0, lastindex: 0, lastterm: 0] channel=trust-chain-system-channel node=1
2019-12-28 05:56:55.868 UTC [orderer.consensus.etcdraft] becomeFollower -> INFO 016 1 became follower at term 1 channel=trust-chain-system-channel node=1
2019-12-28 05:56:55.869 UTC [orderer.common.server] Start -> INFO 017 Starting orderer:
Version: 1.4.4
Commit SHA: 7917a40
Go version: go1.12.12
OS/Arch: linux/amd64
2019-12-28 05:56:55.869 UTC [orderer.common.server] Start -> INFO 018 Beginning to serve requests
2019-12-28 05:56:55.869 UTC [orderer.consensus.etcdraft] apply -> INFO 019 Applied config change to add node 1, current nodes in channel: [1 2 3] channel=trust-chain-system-channel node=1
2019-12-28 05:56:55.869 UTC [orderer.consensus.etcdraft] apply -> INFO 01a Applied config change to add node 2, current nodes in channel: [1 2 3] channel=trust-chain-system-channel node=1
2019-12-28 05:56:55.869 UTC [orderer.consensus.etcdraft] apply -> INFO 01b Applied config change to add node 3, current nodes in channel: [1 2 3] channel=trust-chain-system-channel node=1
2019-12-28 05:56:57.686 UTC [orderer.consensus.etcdraft] Step -> INFO 01c 1 [logterm: 1, index: 3, vote: 0] cast MsgPreVote for 2 [logterm: 1, index: 3] at term 1 channel=trust-chain-system-channel node=1
2019-12-28 05:56:57.688 UTC [orderer.consensus.etcdraft] Step -> INFO 01d 1 [term: 1] received a MsgVote message with higher term from 2 [term: 2] channel=trust-chain-system-channel node=1
2019-12-28 05:56:57.688 UTC [orderer.consensus.etcdraft] becomeFollower -> INFO 01e 1 became follower at term 2 channel=trust-chain-system-channel node=1
2019-12-28 05:56:57.688 UTC [orderer.consensus.etcdraft] Step -> INFO 01f 1 [logterm: 1, index: 3, vote: 0] cast MsgVote for 2 [logterm: 1, index: 3] at term 2 channel=trust-chain-system-channel node=1
2019-12-28 05:56:57.691 UTC [orderer.consensus.etcdraft] run -> INFO 020 raft.node: 1 elected leader 2 at term 2 channel=trust-chain-system-channel node=1
2019-12-28 05:56:57.692 UTC [orderer.consensus.etcdraft] serveRequest -> INFO 021 Raft leader changed: 0 -> 2 channel=trust-chain-system-channel node=1
2019-12-28 05:57:31.382 UTC [orderer.common.broadcast] ProcessMessage -> WARN 022 [channel: activitych] Rejecting broadcast of config message from 172.22.0.1:52856 because of error: implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Writers' sub-policies to be satisfied: permission denied
2019-12-28 05:57:31.384 UTC [comm.grpc.server] 1 -> INFO 023 streaming call completed grpc.service=orderer.AtomicBroadcast grpc.method=Broadcast grpc.peer_address=172.22.0.1:52856 grpc.code=OK grpc.call_duration=8.4914ms
2019-12-28 05:57:31.430 UTC [comm.grpc.server] 1 -> INFO 024 streaming call completed grpc.service=orderer.AtomicBroadcast grpc.method=Deliver grpc.peer_address=172.22.0.1:52858 grpc.code=OK grpc.call_duration=480.4µs
在这一点上,我很好奇我如何获得管理员身份。我的政策是“ MSP.admin”,我使用的身份已在参数--id.type admin中注册。
答案 0 :(得分:1)
这是我看到的Hyperledger Fabric最常见的问题之一。创建频道很容易(与其他操作相比),但是一旦开始使用策略和身份,就很容易出错。在这方面,Fabric有所改善,因为它现在指出不满足哪个策略-以前没有提供,因为它从技术上“泄漏”了策略信息。
我鼓励您阅读并了解Policies的工作方式(即ImplicitMeta是由Signature组成的)。
默认情况下,调用链码(使用称为对等/提议的资源)需要满足的策略是 Channel / Application / Writers 。这通常是ImplicitMeta类型的策略,考虑到您未在回答中提供它,我假设您尚未从默认的“ ANY Writers”中对其进行过修改。然后,它应该从组织本身继承Signature类型。如您所说,它要求该请求由管理员或客户端类型的证书签名。似乎您使用的证书不满足此要求。
解决此问题的方法可能是更改策略以接受组织下任何类型的签名。在您的情况下,它看起来像:
Writers:
Type: Signature
Rule: "OR('BPLMSP.member')"
请注意,这会稍微放松组织内部的安全性,但允许您创建渠道。
答案 1 :(得分:0)
针对您的情况:
0 sub-policies were satisfied
“零”表示没有证书用于签署交易,因此您只需要将管理证书复制到正确的目录即可!