我使用的是fabric-samples 2.2“测试网络”应用程序。 使用fabric ca 启动网络后,我尝试从我的sdk 客户端应用程序连接并发送交易。但是,我收到错误,因为它无法连接到订购者。 我收到以下异常
blockchainservice | Channel Pipeline: [SslHandler#0, ProtocolNegotiators$ClientTlsHandler#0, WriteBufferingAndExceptionHandler#0, DefaultChannelPipeline$TailContext#0]
blockchainservice |
blockchainservice | org.hyperledger.fabric.sdk.exception.TransactionException: Channel mychannel, send transaction failed on orderer OrdererClient{id: 9, channel: mychannel, name: orderer.example.com, url: grpcs://host.docker.internal:7050}. Reason: UNAVAILABLE: io exception
blockchainservice | Channel Pipeline: [SslHandler#0, ProtocolNegotiators$ClientTlsHandler#0, WriteBufferingAndExceptionHandler#0, DefaultChannelPipeline$TailContext#0]
blockchainservice | at org.hyperledger.fabric.sdk.OrdererClient.sendTransaction(OrdererClient.java:236) ~[fabric-sdk-java-2.0.0.jar!/:na]
blockchainservice | at org.hyperledger.fabric.sdk.Orderer.sendTransaction(Orderer.java:164) ~[fabric-sdk-java-2.0.0.jar!/:na]
以下是orderer peer的日志
2021-01-24 01:30:04.383 UTC [core.comm] ServerHandshake -> ERRO 100 TLS handshake failed with error remote error: tls: internal error server=Orderer remoteaddress=172.25.0.1:33964
注意:- 我能够通过从本地和 cli 运行客户端应用程序来连接到网络并执行事务。但是,当我从 docker 容器运行相同的应用程序时,它抛出错误。
下面是我在客户端应用程序中的 networkconfig.yaml
name: test-network-org1
version: 1.0.0
client:
organization: Org1
connection:
timeout:
peer:
endorser: '300'
channels:
mychannel:
orderers:
- orderer.example.com
peers:
peer0.org1.example.com:
endorsingPeer: true
chaincodeQuery: true
ledgerQuery: true
eventSource: true
peer0.org2.example.com:
endorsingPeer: true
chaincodeQuery: true
ledgerQuery: true
eventSource: true
organizations:
Org1:
mspid: Org1MSP
peers:
- peer0.org1.example.com
certificateAuthorities:
- ca.org1.example.com
orderers:
orderer.example.com:
url: grpcs://host.docker.internal:7050
grpcOptions:
ssl-target-name-override: orderer.example.com
tlsCACerts:
path: /opt/app/organizations/ordererOrganizations/example.com/msp/tlscacerts/tlsca.example.com-cert.pem
peers:
peer0.org1.example.com:
url: grpcs://host.docker.internal:7051
tlsCACerts:
path: /opt/app/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
grpcOptions:
ssl-target-name-override: peer0.org1.example.com
hostnameOverride: peer0.org1.example.com
peer0.org2.example.com:
url: grpcs://host.docker.internal:9051
tlsCACerts:
path: /opt/app/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt
grpcOptions:
ssl-target-name-override: peer0.org2.example.com
hostnameOverride: peer0.org2.example.com
certificateAuthorities:
ca.org1.example.com:
url: https://host.docker.internal:7054
caName: ca-org1
tlsCACerts:
path: /opt/app/organizations/fabric-ca/org1/ca-cert.pem
httpOptions:
verify: false
客户端应用程序中详细的堆栈跟踪
2021-01-24 20:59:05.073 ERROR 1 --- [ault-executor-2] o.hyperledger.fabric.sdk.OrdererClient : OrdererClient{id: 9, channel: mychannel, name: orderer.example.com, url: grpcs://host.docker.internal:7050} managed channel isTerminated: false, isShutdown: false, state: TRANSIENT_FAILURE
2021-01-24 20:59:05.079 ERROR 1 --- [ault-executor-2] o.hyperledger.fabric.sdk.OrdererClient : Received error org.hyperledger.fabric.sdk.OrdererClient$1@5bad10f UNAVAILABLE: io exception
Channel Pipeline: [SslHandler#0, ProtocolNegotiators$ClientTlsHandler#0, WriteBufferingAndExceptionHandler#0, DefaultChannelPipeline$TailContext#0]
io.grpc.StatusRuntimeException: UNAVAILABLE: io exception
Channel Pipeline: [SslHandler#0, ProtocolNegotiators$ClientTlsHandler#0, WriteBufferingAndExceptionHandler#0, DefaultChannelPipeline$TailContext#0]
at io.grpc.Status.asRuntimeException(Status.java:533) ~[grpc-api-1.27.2.jar!/:1.27.2]]
Caused by: javax.net.ssl.SSLHandshakeException: General OpenSslEngine problem
at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.handshakeException(ReferenceCountedOpenSslEngine.java:1732) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.wrap(ReferenceCountedOpenSslEngine.java:774) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at java.base/javax.net.ssl.SSLEngine.wrap(SSLEngine.java:522) ~[na:na]
at io.netty.handler.ssl.SslHandler.wrap(SslHandler.java:1046) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.ssl.SslHandler.wrapNonAppData(SslHandler.java:937) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1395) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1227) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1274) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:503) ~[netty-codec-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:442) ~[netty-codec-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:281) ~[netty-codec-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:374) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:360) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:352) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1422) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:374) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:360) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:931) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.channel.epoll.AbstractEpollStreamChannel$EpollStreamUnsafe.epollInReady(AbstractEpollStreamChannel.java:792) ~[netty-transport-native-epoll-4.1.43.Final-linux-x86_64.jar!/:4.1.43.Final]
at io.netty.channel.epoll.EpollEventLoop.processReady(EpollEventLoop.java:502) ~[netty-transport-native-epoll-4.1.43.Final-linux-x86_64.jar!/:4.1.43.Final]
at io.netty.channel.epoll.EpollEventLoop.run(EpollEventLoop.java:407) ~[netty-transport-native-epoll-4.1.43.Final-linux-x86_64.jar!/:4.1.43.Final]
at io.netty.util.concurrent.SingleThreadEventExecutor$6.run(SingleThreadEventExecutor.java:1050) ~[netty-common-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) ~[netty-common-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) ~[netty-common-4.1.43.Final.jar!/:4.1.43.Final]
... 1 common frames omitted
Caused by: java.security.cert.CertificateException: No subject alternative names matching IP address host.docker.internal found
at java.base/sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:165) ~[na:na]
at java.base/sun.security.util.HostnameChecker.match(HostnameChecker.java:101) ~[na:na]
at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455) ~[na:na]
at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:429) ~[na:na]
at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:283) ~[na:na]
at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:141) ~[na:na]
at io.netty.handler.ssl.ReferenceCountedOpenSslClientContext$ExtendedTrustManagerVerifyCallback.verify(ReferenceCountedOpenSslClientContext.java:255) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.ssl.ReferenceCountedOpenSslContext$AbstractCertificateVerifier.verify(ReferenceCountedOpenSslContext.java:701) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.internal.tcnative.SSL.readFromSSL(Native Method) ~[netty-tcnative-boringssl-static-2.0.26.Final.jar!/:2.0.26.Final]
at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.readPlaintextData(ReferenceCountedOpenSslEngine.java:593) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1176) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1293) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1336) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.ssl.SslHandler$SslEngineType$1.unwrap(SslHandler.java:204) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1332) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
... 19 common frames omitted
2021-01-24 20:59:05.083 ERROR 1 --- [or-http-epoll-2] o.hyperledger.fabric.sdk.OrdererClient : OrdererClient{id: 9, channel: mychannel, name: orderer.example.com, url: grpcs://host.docker.internal:7050} grpc status Code:io exception
Channel Pipeline: [SslHandler#0, ProtocolNegotiators$ClientTlsHandler#0, WriteBufferingAndExceptionHandler#0, DefaultChannelPipeline$TailContext#0], Description UNAVAILABLE,
javax.net.ssl.SSLHandshakeException: General OpenSslEngine problem
at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.handshakeException(ReferenceCountedOpenSslEngine.java:1732) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.wrap(ReferenceCountedOpenSslEngine.java:774) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at java.base/javax.net.ssl.SSLEngine.wrap(SSLEngine.java:522) ~[na:na]
at io.netty.handler.ssl.SslHandler.wrap(SslHandler.java:1046) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.ssl.SslHandler.wrapNonAppData(SslHandler.java:937) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1395) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1227) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1274) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:503) ~[netty-codec-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:442) ~[netty-codec-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:281) ~[netty-codec-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:374) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:360) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:352) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1422) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:374) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:360) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:931) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.channel.epoll.AbstractEpollStreamChannel$EpollStreamUnsafe.epollInReady(AbstractEpollStreamChannel.java:792) ~[netty-transport-native-epoll-4.1.43.Final-linux-x86_64.jar!/:4.1.43.Final]
at io.netty.channel.epoll.EpollEventLoop.processReady(EpollEventLoop.java:502) ~[netty-transport-native-epoll-4.1.43.Final-linux-x86_64.jar!/:4.1.43.Final]
at io.netty.channel.epoll.EpollEventLoop.run(EpollEventLoop.java:407) ~[netty-transport-native-epoll-4.1.43.Final-linux-x86_64.jar!/:4.1.43.Final]
at io.netty.util.concurrent.SingleThreadEventExecutor$6.run(SingleThreadEventExecutor.java:1050) ~[netty-common-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) ~[netty-common-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) ~[netty-common-4.1.43.Final.jar!/:4.1.43.Final]
at java.base/java.lang.Thread.run(Thread.java:834) ~[na:na]
Caused by: java.security.cert.CertificateException: No subject alternative names matching IP address host.docker.internal found
at java.base/sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:165) ~[na:na]
at java.base/sun.security.util.HostnameChecker.match(HostnameChecker.java:101) ~[na:na]
at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455) ~[na:na]
at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:429) ~[na:na]
at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:283) ~[na:na]
at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:141) ~[na:na]
at io.netty.handler.ssl.ReferenceCountedOpenSslClientContext$ExtendedTrustManagerVerifyCallback.verify(ReferenceCountedOpenSslClientContext.java:255) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.ssl.ReferenceCountedOpenSslContext$AbstractCertificateVerifier.verify(ReferenceCountedOpenSslContext.java:701) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.internal.tcnative.SSL.readFromSSL(Native Method) ~[netty-tcnative-boringssl-static-2.0.26.Final.jar!/:2.0.26.Final]
at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.readPlaintextData(ReferenceCountedOpenSslEngine.java:593) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1176) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1293) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1336) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.ssl.SslHandler$SslEngineType$1.unwrap(SslHandler.java:204) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1332) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
... 19 common frames omitted
2021-01-24 20:59:05.084 ERROR 1 --- [or-http-epoll-2] o.hyperledger.fabric.sdk.OrdererClient : OrdererClient{id: 9, channel: mychannel, name: orderer.example.com, url: grpcs://host.docker.internal:7050}sendTransaction error Channel mychannel, send transaction failed on orderer OrdererClient{id: 9, channel: mychannel, name: orderer.example.com, url: grpcs://host.docker.internal:7050}. Reason: UNAVAILABLE: io exception
Channel Pipeline: [SslHandler#0, ProtocolNegotiators$ClientTlsHandler#0, WriteBufferingAndExceptionHandler#0, DefaultChannelPipeline$TailContext#0]
org.hyperledger.fabric.sdk.exception.TransactionException: Channel mychannel, send transaction failed on orderer OrdererClient{id: 9, channel: mychannel, name: orderer.example.com, url: grpcs://host.docker.internal:7050}. Reason: UNAVAILABLE: io exception
Channel Pipeline: [SslHandler#0, ProtocolNegotiators$ClientTlsHandler#0, WriteBufferingAndExceptionHandler#0, DefaultChannelPipeline$TailContext#0]
at org.hyperledger.fabric.sdk.OrdererClient.sendTransaction(OrdererClient.java:236) ~[fabric-sdk-java-2.0.0.jar!/:na]
at org.hyperledger.fabric.sdk.Orderer.sendTransaction(Orderer.java:164) ~[fabric-sdk-java-2.0.0.jar!/:na]
at org.hyperledger.fabric.sdk.Channel.doSendTransaction(Channel.java:5686) ~[fabric-sdk-java-2.0.0.jar!/:na]
at org.hyperledger.fabric.sdk.Channel.sendTransaction(Channel.java:5533) ~[fabric-sdk-java-2.0.0.jar!/:na]
at org.hyperledger.fabric.gateway.impl.TransactionImpl.commitTransaction(TransactionImpl.java:138) ~[fabric-gateway-java-2.0.0.jar!/:na]
at org.hyperledger.fabric.gateway.impl.TransactionImpl.submit(TransactionImpl.java:96) ~[fabric-gateway-java-2.0.0.jar!/:na]
at com.dovetaillab.consentapi.blockchainservice.handler.Handler$submit$2.apply(Handler.kt:79) ~[classes!/:na]
at com.dovetaillab.consentapi.blockchainservice.handler.Handler$submit$2.apply(Handler.kt:21) ~[classes!/:na]