在 docker 容器上运行的 Fabric 客户端应用程序无法连接到 orderer 容器

时间:2021-01-24 01:45:25

标签: java docker ssl hyperledger-fabric hyperledger

我使用的是fabric-samples 2.2“测试网络”应用程序。 使用fabric ca 启动网络后,我尝试从我的sdk 客户端应用程序连接并发送交易。但是,我收到错误,因为它无法连接到订购者。 我收到以下异常


blockchainservice    | Channel Pipeline: [SslHandler#0, ProtocolNegotiators$ClientTlsHandler#0, WriteBufferingAndExceptionHandler#0, DefaultChannelPipeline$TailContext#0]

blockchainservice    |

blockchainservice    | org.hyperledger.fabric.sdk.exception.TransactionException: Channel mychannel, send transaction failed on orderer OrdererClient{id: 9, channel: mychannel, name: orderer.example.com, url: grpcs://host.docker.internal:7050}. Reason: UNAVAILABLE: io exception

blockchainservice    | Channel Pipeline: [SslHandler#0, ProtocolNegotiators$ClientTlsHandler#0, WriteBufferingAndExceptionHandler#0, DefaultChannelPipeline$TailContext#0]

blockchainservice    |  at org.hyperledger.fabric.sdk.OrdererClient.sendTransaction(OrdererClient.java:236) ~[fabric-sdk-java-2.0.0.jar!/:na]

blockchainservice    |  at org.hyperledger.fabric.sdk.Orderer.sendTransaction(Orderer.java:164) ~[fabric-sdk-java-2.0.0.jar!/:na]

以下是orderer peer的日志


2021-01-24 01:30:04.383 UTC [core.comm] ServerHandshake -> ERRO 100 TLS handshake failed with error remote error: tls: internal error server=Orderer remoteaddress=172.25.0.1:33964

注意:- 我能够通过从本地和 cli 运行客户端应用程序来连接到网络并执行事务。但是,当我从 docker 容器运行相同的应用程序时,它抛出错误。

下面是我在客户端应用程序中的 networkconfig.yaml

name: test-network-org1
version: 1.0.0
client:
  organization: Org1
  connection:
    timeout:
      peer:
        endorser: '300'

channels:
  mychannel:
    orderers:
      - orderer.example.com
    peers:
      peer0.org1.example.com:
        endorsingPeer: true
        chaincodeQuery: true
        ledgerQuery: true
        eventSource: true
      peer0.org2.example.com:
        endorsingPeer: true
        chaincodeQuery: true
        ledgerQuery: true
        eventSource: true

organizations:
  Org1:
    mspid: Org1MSP
    peers:
    - peer0.org1.example.com
    certificateAuthorities:
    - ca.org1.example.com

orderers:
  orderer.example.com:
    url: grpcs://host.docker.internal:7050
    grpcOptions:
      ssl-target-name-override: orderer.example.com
    tlsCACerts:
      path: /opt/app/organizations/ordererOrganizations/example.com/msp/tlscacerts/tlsca.example.com-cert.pem
peers:
  peer0.org1.example.com:
    url: grpcs://host.docker.internal:7051
    tlsCACerts:
      path: /opt/app/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
    grpcOptions:
      ssl-target-name-override: peer0.org1.example.com
      hostnameOverride: peer0.org1.example.com
  peer0.org2.example.com:
    url: grpcs://host.docker.internal:9051
    tlsCACerts:
      path: /opt/app/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt
    grpcOptions:
      ssl-target-name-override: peer0.org2.example.com
      hostnameOverride: peer0.org2.example.com
certificateAuthorities:
  ca.org1.example.com:
    url: https://host.docker.internal:7054
    caName: ca-org1
    tlsCACerts:
      path: /opt/app/organizations/fabric-ca/org1/ca-cert.pem
    httpOptions:
      verify: false

客户端应用程序中详细的堆栈跟踪

2021-01-24 20:59:05.073 ERROR 1 --- [ault-executor-2] o.hyperledger.fabric.sdk.OrdererClient   : OrdererClient{id: 9, channel: mychannel, name: orderer.example.com, url: grpcs://host.docker.internal:7050}  managed channel isTerminated: false, isShutdown: false, state: TRANSIENT_FAILURE
2021-01-24 20:59:05.079 ERROR 1 --- [ault-executor-2] o.hyperledger.fabric.sdk.OrdererClient   : Received error org.hyperledger.fabric.sdk.OrdererClient$1@5bad10f  UNAVAILABLE: io exception
Channel Pipeline: [SslHandler#0, ProtocolNegotiators$ClientTlsHandler#0, WriteBufferingAndExceptionHandler#0, DefaultChannelPipeline$TailContext#0]
io.grpc.StatusRuntimeException: UNAVAILABLE: io exception
Channel Pipeline: [SslHandler#0, ProtocolNegotiators$ClientTlsHandler#0, WriteBufferingAndExceptionHandler#0, DefaultChannelPipeline$TailContext#0]
    at io.grpc.Status.asRuntimeException(Status.java:533) ~[grpc-api-1.27.2.jar!/:1.27.2]]
Caused by: javax.net.ssl.SSLHandshakeException: General OpenSslEngine problem
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.handshakeException(ReferenceCountedOpenSslEngine.java:1732) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.wrap(ReferenceCountedOpenSslEngine.java:774) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at java.base/javax.net.ssl.SSLEngine.wrap(SSLEngine.java:522) ~[na:na]
    at io.netty.handler.ssl.SslHandler.wrap(SslHandler.java:1046) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.ssl.SslHandler.wrapNonAppData(SslHandler.java:937) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1395) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1227) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1274) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:503) ~[netty-codec-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:442) ~[netty-codec-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:281) ~[netty-codec-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:374) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:360) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:352) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1422) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:374) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:360) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:931) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.channel.epoll.AbstractEpollStreamChannel$EpollStreamUnsafe.epollInReady(AbstractEpollStreamChannel.java:792) ~[netty-transport-native-epoll-4.1.43.Final-linux-x86_64.jar!/:4.1.43.Final]
    at io.netty.channel.epoll.EpollEventLoop.processReady(EpollEventLoop.java:502) ~[netty-transport-native-epoll-4.1.43.Final-linux-x86_64.jar!/:4.1.43.Final]
    at io.netty.channel.epoll.EpollEventLoop.run(EpollEventLoop.java:407) ~[netty-transport-native-epoll-4.1.43.Final-linux-x86_64.jar!/:4.1.43.Final]
    at io.netty.util.concurrent.SingleThreadEventExecutor$6.run(SingleThreadEventExecutor.java:1050) ~[netty-common-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) ~[netty-common-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) ~[netty-common-4.1.43.Final.jar!/:4.1.43.Final]
    ... 1 common frames omitted
Caused by: java.security.cert.CertificateException: No subject alternative names matching IP address host.docker.internal found
    at java.base/sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:165) ~[na:na]
    at java.base/sun.security.util.HostnameChecker.match(HostnameChecker.java:101) ~[na:na]
    at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455) ~[na:na]
    at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:429) ~[na:na]
    at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:283) ~[na:na]
    at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:141) ~[na:na]
    at io.netty.handler.ssl.ReferenceCountedOpenSslClientContext$ExtendedTrustManagerVerifyCallback.verify(ReferenceCountedOpenSslClientContext.java:255) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.ssl.ReferenceCountedOpenSslContext$AbstractCertificateVerifier.verify(ReferenceCountedOpenSslContext.java:701) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.internal.tcnative.SSL.readFromSSL(Native Method) ~[netty-tcnative-boringssl-static-2.0.26.Final.jar!/:2.0.26.Final]
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.readPlaintextData(ReferenceCountedOpenSslEngine.java:593) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1176) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1293) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1336) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.ssl.SslHandler$SslEngineType$1.unwrap(SslHandler.java:204) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1332) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    ... 19 common frames omitted

2021-01-24 20:59:05.083 ERROR 1 --- [or-http-epoll-2] o.hyperledger.fabric.sdk.OrdererClient   : OrdererClient{id: 9, channel: mychannel, name: orderer.example.com, url: grpcs://host.docker.internal:7050} grpc status Code:io exception
Channel Pipeline: [SslHandler#0, ProtocolNegotiators$ClientTlsHandler#0, WriteBufferingAndExceptionHandler#0, DefaultChannelPipeline$TailContext#0], Description UNAVAILABLE,

javax.net.ssl.SSLHandshakeException: General OpenSslEngine problem
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.handshakeException(ReferenceCountedOpenSslEngine.java:1732) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.wrap(ReferenceCountedOpenSslEngine.java:774) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at java.base/javax.net.ssl.SSLEngine.wrap(SSLEngine.java:522) ~[na:na]
    at io.netty.handler.ssl.SslHandler.wrap(SslHandler.java:1046) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.ssl.SslHandler.wrapNonAppData(SslHandler.java:937) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1395) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1227) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1274) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:503) ~[netty-codec-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:442) ~[netty-codec-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:281) ~[netty-codec-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:374) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:360) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:352) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1422) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:374) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:360) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:931) ~[netty-transport-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.channel.epoll.AbstractEpollStreamChannel$EpollStreamUnsafe.epollInReady(AbstractEpollStreamChannel.java:792) ~[netty-transport-native-epoll-4.1.43.Final-linux-x86_64.jar!/:4.1.43.Final]
    at io.netty.channel.epoll.EpollEventLoop.processReady(EpollEventLoop.java:502) ~[netty-transport-native-epoll-4.1.43.Final-linux-x86_64.jar!/:4.1.43.Final]
    at io.netty.channel.epoll.EpollEventLoop.run(EpollEventLoop.java:407) ~[netty-transport-native-epoll-4.1.43.Final-linux-x86_64.jar!/:4.1.43.Final]
    at io.netty.util.concurrent.SingleThreadEventExecutor$6.run(SingleThreadEventExecutor.java:1050) ~[netty-common-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) ~[netty-common-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) ~[netty-common-4.1.43.Final.jar!/:4.1.43.Final]
    at java.base/java.lang.Thread.run(Thread.java:834) ~[na:na]
Caused by: java.security.cert.CertificateException: No subject alternative names matching IP address host.docker.internal found
    at java.base/sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:165) ~[na:na]
    at java.base/sun.security.util.HostnameChecker.match(HostnameChecker.java:101) ~[na:na]
    at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455) ~[na:na]
    at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:429) ~[na:na]
    at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:283) ~[na:na]
    at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:141) ~[na:na]
    at io.netty.handler.ssl.ReferenceCountedOpenSslClientContext$ExtendedTrustManagerVerifyCallback.verify(ReferenceCountedOpenSslClientContext.java:255) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.ssl.ReferenceCountedOpenSslContext$AbstractCertificateVerifier.verify(ReferenceCountedOpenSslContext.java:701) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.internal.tcnative.SSL.readFromSSL(Native Method) ~[netty-tcnative-boringssl-static-2.0.26.Final.jar!/:2.0.26.Final]
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.readPlaintextData(ReferenceCountedOpenSslEngine.java:593) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1176) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1293) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1336) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.ssl.SslHandler$SslEngineType$1.unwrap(SslHandler.java:204) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1332) ~[netty-handler-4.1.43.Final.jar!/:4.1.43.Final]
    ... 19 common frames omitted

2021-01-24 20:59:05.084 ERROR 1 --- [or-http-epoll-2] o.hyperledger.fabric.sdk.OrdererClient   : OrdererClient{id: 9, channel: mychannel, name: orderer.example.com, url: grpcs://host.docker.internal:7050}sendTransaction error Channel mychannel, send transaction failed on orderer OrdererClient{id: 9, channel: mychannel, name: orderer.example.com, url: grpcs://host.docker.internal:7050}. Reason: UNAVAILABLE: io exception
Channel Pipeline: [SslHandler#0, ProtocolNegotiators$ClientTlsHandler#0, WriteBufferingAndExceptionHandler#0, DefaultChannelPipeline$TailContext#0]

org.hyperledger.fabric.sdk.exception.TransactionException: Channel mychannel, send transaction failed on orderer OrdererClient{id: 9, channel: mychannel, name: orderer.example.com, url: grpcs://host.docker.internal:7050}. Reason: UNAVAILABLE: io exception
Channel Pipeline: [SslHandler#0, ProtocolNegotiators$ClientTlsHandler#0, WriteBufferingAndExceptionHandler#0, DefaultChannelPipeline$TailContext#0]
    at org.hyperledger.fabric.sdk.OrdererClient.sendTransaction(OrdererClient.java:236) ~[fabric-sdk-java-2.0.0.jar!/:na]
    at org.hyperledger.fabric.sdk.Orderer.sendTransaction(Orderer.java:164) ~[fabric-sdk-java-2.0.0.jar!/:na]
    at org.hyperledger.fabric.sdk.Channel.doSendTransaction(Channel.java:5686) ~[fabric-sdk-java-2.0.0.jar!/:na]
    at org.hyperledger.fabric.sdk.Channel.sendTransaction(Channel.java:5533) ~[fabric-sdk-java-2.0.0.jar!/:na]
    at org.hyperledger.fabric.gateway.impl.TransactionImpl.commitTransaction(TransactionImpl.java:138) ~[fabric-gateway-java-2.0.0.jar!/:na]
    at org.hyperledger.fabric.gateway.impl.TransactionImpl.submit(TransactionImpl.java:96) ~[fabric-gateway-java-2.0.0.jar!/:na]
    at com.dovetaillab.consentapi.blockchainservice.handler.Handler$submit$2.apply(Handler.kt:79) ~[classes!/:na]
    at com.dovetaillab.consentapi.blockchainservice.handler.Handler$submit$2.apply(Handler.kt:21) ~[classes!/:na]

0 个答案:

没有答案
相关问题
最新问题