每当我的应用程序尝试运行 gateway.connect(connectionProfile, connectionOptions);
时,我都会收到以下错误:
error: [ServiceEndpoint]: Error: Failed to connect before the deadline on Endorser- name: peer0org1, url:grpcs://0.0.0.0:30012, connected:false, connectAttempted:true
error: [ServiceEndpoint]: waitForReady - Failed to connect to remote gRPC server peer0org1 url:grpcs://0.0.0.0:30012 timeout:3000
info: [NetworkConfig]: buildPeer - Unable to connect to the endorser peer0org1 due to Error: Failed to connect before the deadline on Endorser- name: peer0org1, url:grpcs://0.0.0.0:30012, connected:false, connectAttempted:true
error: [ServiceEndpoint]: Error: Failed to connect before the deadline on Endorser- name: peer0org2, url:grpcs://0.0.0.0:30015, connected:false, connectAttempted:true
error: [ServiceEndpoint]: waitForReady - Failed to connect to remote gRPC server peer0org2 url:grpcs://0.0.0.0:30015 timeout:3000
info: [NetworkConfig]: buildPeer - Unable to connect to the endorser peer0org2 due to Error: Failed to connect before the deadline on Endorser- name: peer0org2, url:grpcs://0.0.0.0:30015, connected:false, connectAttempted:true
在对等日志中,我看到以下错误消息:
[core.comm] ServerHandshake -> ERRO 06f Server TLS handshake failed in 2.895908ms with error tls: failed to verify client certificate: x509: certificate signed by unknown authority server=ChaincodeServer remoteaddress=192.168.15.6:52552
[core.comm] ServerHandshake -> ERRO 070 Server TLS handshake failed in 4.805823ms with error tls: failed to verify client certificate: x509: certificate signed by unknown authority server=ChaincodeServer remoteaddress=192.168.15.6:52560
[core.comm] ServerHandshake -> ERRO 071 Server TLS handshake failed in 2.988008ms with error tls: failed to verify client certificate: x509: certificate signed by unknown authority server=ChaincodeServer remoteaddress=192.168.15.6:52576
[core.comm] ServerHandshake -> ERRO 072 Server TLS handshake failed in 2.223583ms with error tls: failed to verify client certificate: x509: certificate signed by unknown authority server=ChaincodeServer remoteaddress=192.168.15.6:52598
我在本地 microk8s kubernetes 集群上运行我的网络。所有 peers 和 orderer pod 都有自己的 NodePort
类型的 Service
。我还在 pod 上运行我的链码作为外部服务,每个组织一个。
所有证书均使用 Fabric-CA 生成:1 个用于通信的 TLS 证书和 1 个 RCA 用于每个组织。
我没有在 pod 上运行我的应用程序,我只是运行 node app.js
这是我的应用程序代码:
async function funcName(...) {
const wallet = await Wallets.newFileSystemWallet('path/to/wallet');
const gateway = new Gateway();
try {
const userName = 'User1@org1.example.com';
let connectionProfile = yaml.load(fs.readFileSync('./gateway/networkConnection.yaml', 'utf8'));
let connectionOptions = {
identity: userName,
wallet: wallet,
discovery: { enabled:true, asLocalhost: true }
};
await gateway.connect(connectionProfile, connectionOptions);
...
这是我的 networkConnection.yaml:
---
name: "test-network"
x-type: "hlfv1"
description: "Description"
version: "1.0"
client:
organization: Org1
channels:
canalhash:
orderers:
- orderer1
- orderer2
- orderer3
- orderer4
- orderer5
peers:
peer0org1:
endorsingPeer: true
chaincodeQuery: true
ledgerQuery: true
eventSource: true
organizations:
Org1:
mspid: Org1MSP
peers:
- peer0org1
certificateAuthorities:
- rca-org1
Org2:
mspid: Org2MSP
peers:
- peer0org2
orderers:
orderer1:
url: grpcs://0.0.0.0:30017
grpcOptions:
ssl-target-name-override: orderer1
tlsCACerts:
path: /home/network/crypto-config/ordererOrganizations/example.com/msp/tlscacerts/tls-ca-cert.pem
orderer2:
url: grpcs://0.0.0.0:30018
grpcOptions:
ssl-target-name-override: orderer2
tlsCACerts:
path: /home/network/crypto-config/ordererOrganizations/example.com/msp/tlscacerts/tls-ca-cert.pem
orderer3:
url: grpcs://0.0.0.0:30019
grpcOptions:
ssl-target-name-override: orderer3
tlsCACerts:
path: /home/network/crypto-config/ordererOrganizations/example.com/msp/tlscacerts/tls-ca-cert.pem
orderer4:
url: grpcs://0.0.0.0:30020
grpcOptions:
ssl-target-name-override: orderer4
tlsCACerts:
path: /home/network/crypto-config/ordererOrganizations/example.com/msp/tlscacerts/tls-ca-cert.pem
orderer5:
url: grpcs://0.0.0.0:30021
grpcOptions:
ssl-target-name-override: orderer5
tlsCACerts:
path: /home/network/crypto-config/ordererOrganizations/example.com/msp/tlscacerts/tls-ca-cert.pem
peers:
peer0org1:
url: grpcs://0.0.0.0:30012
grpcOptions:
ssl-target-name-override: peer0org1
request-timeout: 120001
tlsCACerts:
path: /home/network/crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls-ca/tls-ca-cert.pem
peer0org2:
url: grpcs://0.0.0.0:30015
grpcOptions:
ssl-target-name-override: peer0org2
request-timeout: 120001
tlsCACerts:
path: /home/network/crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls-ca/tls-ca-cert.pem
certificateAuthorities:
rca-org1:
url: https://0.0.0.0:30009
httpOptions:
verify: false
tlsCACerts:
path: /home/storage/rca-org1/crypto/ca-cert.pem
registrar:
- enrollId: admin
enrollSecret: adminpw
caName: rca-org1
rca-org2:
url: https://0.0.0.0:30010
httpOptions:
verify: false
tlsCACerts:
path: /home/storage/rca-org1/crypto/ca-cert.pem
registrar:
- enrollId: admin
enrollSecret: adminpw
caName: rca-org2
tls-ca:
url: https://0.0.0.0:30007
httpOptions:
verify: false
tlsCACerts:
path: /home/storage/tls-ca/crypto/ca-cert.pem
registrar:
- enrollId: tls-ca-admin
enrollSecret: tls-ca-adminpw
caName: tls-ca
有人知道是什么导致了这些错误吗?如果需要有关我的网络的更多信息,请询问它,我会用它来编辑我的问题。