我正在尝试使用订货人和2个对等设置一个示例超级结构化结构环境 . 我没有使用docker方法而是我正在运行实际的可执行文件 .
Orderer和2个对等节点成功启动 . 但是,通道创建失败,并出现以下错误 . 任何帮助将不胜感激 .
Error on the orderer window
> 2017-08-17 07:28:22.338 IST [orderer/common/deliver] Handle -> WARN
> 029 Error reading from stream: rpc error: code = Canceled desc =
> context canceled 2017-08-17 07:31:08.044 IST [common/config/channel]
> CommitProposals -> WARN 02a Current configuration has no policy
> '/Channel/Application/Readers', this will likely cause problems in
> production systems 2017-08-17 07:31:08.050 IST [common/config/channel]
> CommitProposals -> WARN 02b Current configuration has no policy
> '/Channel/Application/Writers', this will likely cause problems in
> production systems 2017-08-17 07:31:08.050 IST [common/config/channel]
> CommitProposals -> WARN 02c Current configuration has no policy
> '/Channel/Application/Admins', this will likely cause problems in
> production systems 2017-08-17 07:31:08.051 IST [cauthdsl] func2 ->
> ERRO 02d Principal deserialization failure (The supplied identity is
> not valid, Verify() returned x509: certificate signed by unknown
> authority) for identity
> 0a07506565724f726712e7052d2d2d2d2d424547494e202d2d2d2d2d0a4d494943427a43434161326741774942416749514e303434797750356c6d6c3477613379723836355a6a414b42676771686b6a4f50515144416a426e4d5173770a435159445651514745774a56557a45544d4245474131554543424d4b5132467361575a76636d3570595445574d4251474131554542784d4e5532467549455a790a5957356a61584e6a627a45544d4245474131554543684d4b593246795a6d46344c6d4e76625445574d4251474131554541784d4e59324575593246795a6d46340a4c6d4e7662544165467730784e7a41344d5459784e7a41344e445261467730794e7a41344d5451784e7a41344e4452614d465578437a414a42674e56424159540a416c56544d524d77455159445651514945777044595778705a6d3979626d6c684d52597746415944565151484577315459573467526e4a68626d4e7063324e760a4d526b774677594456515144444242425a473170626b426a59584a6d59586775593239744d466b77457759484b6f5a497a6a3043415159494b6f5a497a6a30440a4151634451674145743046756e6d577635336b6366417846785953784c44565164324d336b6d586345714b556c77507a6a444a544b626c4265317931376b39380a4c64384f2f57374c777a71394b374f563957394a3765367962736b44324b4e4e4d45737744675944565230504151482f42415144416765414d417747413155640a457745422f7751434d4141774b7759445652306a42435177496f4167445a62512f58784241523253396670326b64587a78546a666c35685055724958376635460a664d446d6b4f7377436759494b6f5a497a6a304541774944534141775251496841507a303051514962515769727a467962357978736a3168384d6a316a37482b0a333971735171445438387a684169426a6776705a777675764947456b6a624a75697663574b3172476f36416b314430362f7445527a59383538513d3d0a2d2d2d2d2d454e44202d2d2d2d2d0a
> 2017-08-17 07:31:08.052 IST [orderer/common/broadcast] Handle -> WARN
> 02e [channel: testing] Rejecting broadcast of config message because
> of error: Error authorizing update: Error validating DeltaSet: Policy
> for [Groups] /Channel/Application not satisfied: Failed to reach
> implicit threshold of 1 sub-policies, required 1 remaining 2017-08-17
> 07:31:08.063 IST [orderer/common/deliver] Handle -> WARN 02f Error
> reading from stream: rpc error: code = Canceled desc = context
> canceled
Value of ORDERER_TLS
ORDERER_TLS =“ - tls true - cafile /opt/gopath/src/github.com/hyperledger/fabric/sampleconfig/tls/ca.crt”
Error while creating the channel
node1@ubuntu:/opt/gopath/src/github.com/hyperledger/fabric/build/bin$ peer channel create $ORDERER_TLS -f /home/node1/Downloads/fabricDeployment-master/testing.tx -c testing -o node1.honda.com:7050 --logging-level DEBUG -v
2017-08-17 07:28:21.953 IST [msp] GetLocalMSP -> DEBU 001 Returning existing local MSP
2017-08-17 07:28:21.953 IST [msp] GetDefaultSigningIdentity -> DEBU 002 Obtaining default signing identity
2017-08-17 07:28:21.996 IST [channelCmd] InitCmdFactory -> INFO 003 Endorser and orderer connections initialized
2017-08-17 07:28:22.014 IST [msp] GetLocalMSP -> DEBU 004 Returning existing local MSP
2017-08-17 07:28:22.019 IST [msp] GetDefaultSigningIdentity -> DEBU 005 Obtaining default signing identity
2017-08-17 07:28:22.019 IST [msp] GetLocalMSP -> DEBU 006 Returning existing local MSP
2017-08-17 07:28:22.019 IST [msp] GetDefaultSigningIdentity -> DEBU 007 Obtaining default signing identity
2017-08-17 07:28:22.019 IST [msp/identity] Sign -> DEBU 008 Sign: plaintext: 0AF3050A07506565724F726712E7052D...69636174696F6E2F41646D696E731801
2017-08-17 07:28:22.019 IST [msp/identity] Sign -> DEBU 009 Sign: digest: 63EBD4B3B350685B39A0C8E8E216EFCB3D4C3C82F74B6FA2638D2A7974EB1E74
2017-08-17 07:28:22.020 IST [msp] GetLocalMSP -> DEBU 00a Returning existing local MSP
2017-08-17 07:28:22.020 IST [msp] GetDefaultSigningIdentity -> DEBU 00b Obtaining default signing identity
2017-08-17 07:28:22.020 IST [msp] GetLocalMSP -> DEBU 00c Returning existing local MSP
2017-08-17 07:28:22.020 IST [msp] GetDefaultSigningIdentity -> DEBU 00d Obtaining default signing identity
2017-08-17 07:28:22.020 IST [msp/identity] Sign -> DEBU 00e Sign: plaintext: 0AA6060A1108021A0608BEF0D3CC0522...1A843140B4B661FA8CBCB3170133AC2B
2017-08-17 07:28:22.020 IST [msp/identity] Sign -> DEBU 00f Sign: digest: EB039E58FB665150B556394FD464155BBB349CEBB591A578DE402789465EDA84
Error: Got unexpected status: BAD_REQUEST -- Error authorizing update: Error validating DeltaSet: Policy for [Groups] /Channel/Application not satisfied: Failed to reach implicit threshold of 1 sub-policies, required 1 remaining
Usage:
peer channel create [flags]
Flags:
-c, --channelID string In case of a newChain command, the channel ID to create.
-f, --file string Configuration transaction file generated by a tool such as configtxgen for submitting to orderer
-t, --timeout int Channel creation timeout (default 5)
Global Flags:
--cafile string Path to file containing PEM-encoded trusted certificate(s) for the ordering endpoint
--logging-level string Default logging level and overrides, see core.yaml for full syntax
-o, --orderer string Ordering service endpoint
--ordererTLSHostnameOverride string The hostname override to use when validating the TLS connection to the orderer.
--test.coverprofile string Done (default "coverage.cov")
--tls Use TLS when communicating with the orderer endpoint
-v, --version Display current version of fabric peer server
Edit Start
感谢您回复Yacovm . 我仍然面临同样的问题 . 事实上,我正在使用你的github代码来试试这个样本 . 该脚本非常棒且易于理解
让我快速简要介绍一下我目前的设置 .
Environment 3个节点正在运行 - Ubuntu 16
> **Node1 Details** Hostname : node1 Domain name : honda.com User1 : node1 User2 : Admin
>
> **Node2 Details** Hostname : node2 Domain name : carfax.com User1 : node2 User2 : Admin
>
> **Node3 Details** Hostname : node3 Domain name : carfax.com User1 : node3 User2 : Admin
Step 1 : 在所有3台机器上下载了Fabric源并运行“make” - 一切都成功了
源位于以下路径中:/opt/gopath/src/github.com/hyperledger/fabric
Step 2 :
在node1机器上下载fabricDeployment-master / home / node1 / Downloads / fabricDeployment-master从node1机器,我运行以下(我使用github中提供的deploy.sh稍作更改)
[[ -z $GOPATH ]] && (echo "Environment variable GOPATH isn't set!"; exit 1)
FABRIC=$GOPATH/src/github.com/hyperledger/fabric
[[ -d "$FABRIC" ]] || (echo "Directory $FABRIC doesn't exist!"; exit 1)
for file in configtxgen peer cryptogen; do
[[ -f $file ]] && continue
binary=$FABRIC/build/bin/$file
[[ ! -f $binary ]] && ( cd $FABRIC ; make $file)
cp $binary $file && continue
done
for file in configtxgen peer cryptogen; do
[[ ! -f $file ]] && echo "$file isn't found, aborting!" && exit 1
done
. config.sh
bootPeer=$(echo ${peers} | awk '{print $1}')
anchorPeer=$(echo ${peers} | awk '{print $1}')
PROPAGATEPEERNUM=${PROPAGATEPEERNUM:-3}
i=0
for p in $orderer $peers ; do
echo "Making Directory structure for $p"
mkdir -p $p/sampleconfig/crypto
mkdir -p $p/sampleconfig/tls
ip=$(getIP $p)
echo "${p}'s ip address is ${ip}"
orgLeader=false
bootstrap=$anchorPeer:7051
if [[ $i -eq 1 ]];then
orgLeader=true
fi
(( i += 1 ))
echo "Creating core.yaml from core.yaml.template for $p"
cat core.yaml.template | sed "s/PROPAGATEPEERNUM/${PROPAGATEPEERNUM}/ ; s/PEERID/$p/ ; s/ADDRESS/$p/ ; s/ORGLEADER/$orgLeader/ ; s/BOOTSTRAP/$bootPeer:7051/ ; s/TLS_CERT/$p.carfax.com-cert.pem/" > $p/sampleconfig/core.yaml
done
echo "Creating configtx.yaml from configtx.yaml.template with ANCHOR_PEER_IP & ORDERER_IP"
cat configtx.yaml.template | sed "s/ANCHOR_PEER_IP/$anchorpeer/ ; s/ORDERER_IP/$orderer/" > configtx.yaml
echo "Creating crypto-config.yml from crypto-config.yml.template with ORDERER_IP and adding hostname node2 & node3"
cat crypto-config.yml.template | sed "s/ORDERER_IP/$orderer/" > crypto-config.yml
for p in $peers ; do
echo " - Hostname: $p" >> crypto-config.yml
done
cat << EOF >> crypto-config.yml
Users:
Count: 1
EOF
./cryptogen generate --config crypto-config.yml
./configtxgen -profile Genesis -outputBlock genesis.block -channelID system
./configtxgen -profile Channels -outputCreateChannelTx yacov.tx -channelID yacov
./configtxgen -profile Channels -outputAnchorPeersUpdate OrdererOrganchors.tx -channelID yacov -asOrg PeerOrg
mv genesis.block node1/sampleconfig/
cp orderer.yaml node1/sampleconfig/
cp -r crypto-config/ordererOrganizations/honda.com/orderers/node1.honda.com/msp/* node1/sampleconfig/crypto
cp -r crypto-config/ordererOrganizations/honda.com/orderers/node1.honda.com/tls/* node1/sampleconfig/tls
cp -r crypto-config/peerOrganizations/carfax.com/peers/node2.carfax.com/msp/* node2/sampleconfig/crypto
cp -r crypto-config/peerOrganizations/carfax.com/peers/node2.carfax.com/tls/* node2/sampleconfig/tls/
cp -r crypto-config/peerOrganizations/carfax.com/peers/node3.carfax.com/msp/* node3/sampleconfig/crypto
cp -r crypto-config/peerOrganizations/carfax.com/peers/node3.carfax.com/tls/* node3/sampleconfig/tls/
echo "Deploying configuration - Moving configurations to respective machines"
scp -r node1/sampleconfig/* node1@node1:/opt/gopath/src/github.com/hyperledger/fabric/sampleconfig/
scp -r node2/sampleconfig/* node2@node2:/opt/gopath/src/github.com/hyperledger/fabric/sampleconfig/
scp -r node3/sampleconfig/* node3@node3:/opt/gopath/src/github.com/hyperledger/fabric/sampleconfig/
Step 3 :
结果是crypto-config.yaml
OrdererOrgs:
- Name: Org0
Domain: honda.com
PeerOrgs:
- Name: Org1
Domain: carfax.com
- Hostname: node2
- Hostname: node3
Users:
Count: 1
Resulting crypto-config.yaml
Profiles:
Genesis:
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *PeerOrg
Channels:
Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *PeerOrg
Organizations:
- &OrdererOrg
Name: OrdererOrg
ID: OrdererOrg
MSPDir: crypto-config/ordererOrganizations/honda.com/msp
AdminPrincipal: Role.ADMIN
- &PeerOrg
Name: PeerOrg
ID: PeerOrg
MSPDir: crypto-config/peerOrganizations/carfax.com/msp
AdminPrincipal: Role.ADMIN
AnchorPeers:
- Host: node2
Port: 7051
Orderer: &OrdererDefaults
OrdererType: solo
Addresses:
- node1:7050
BatchTimeout: 1ms
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 99 MB
PreferredMaxBytes: 512 KB
MaxChannels: 0
Kafka:
Brokers:
- 127.0.0.1:9092
Organizations:
Application: &ApplicationDefault
小号
Step 4 : 从node1作为node1用户启动orderer从node2启动peer1作为node2用户从node3启动peer2作为node3用户
直到这里工作正常
Step 5 : Channel Creation
从node1作为node1用户,运行以下命令
node1 @ ubuntu:〜/ Downloads / fabricDeployment-master $ pwd
/home/node1/Downloads/fabricDeployment-master
export FABRIC=$GOPATH/src/github.com/hyperledger/fabric
export ORDERER_TLS="--tls true --cafile `pwd`/crypto-config/ordererOrganizations/honda.com/orderers/node1.honda.com/tls/ca.crt"
export CORE_PEER_TLS_ROOTCERT_FILE=`pwd`/crypto-config/peerOrganizations/carfax.com/peers/node2.carfax.com/tls/ca.crt
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_MSPCONFIGPATH=`pwd`/crypto-config/peerOrganizations/carfax.com/users/Admin@carfax.com/msp
export CORE_PEER_LOCALMSPID=PeerOrg
/opt/gopath/src/github.com/hyperledger/fabric/build/bin/peer channel create $ORDERER_TLS -f yacov.tx -c yacov -o node1:7050
Contents of configtx.yaml
---
Profiles:
Genesis:
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *PeerOrg
Channels:
Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *PeerOrg
Organizations:
- &OrdererOrg
Name: OrdererOrg
ID: OrdererOrg
MSPDir: crypto-config/ordererOrganizations/honda.com/msp
AdminPrincipal: Role.ADMIN
- &PeerOrg
Name: PeerOrg
ID: PeerOrg
MSPDir: crypto-config/peerOrganizations/carfax.com/msp
AdminPrincipal: Role.ADMIN
AnchorPeers:
- Host:
Port: 7051
Orderer: &OrdererDefaults
OrdererType: solo
Addresses:
- node1:7050
BatchTimeout: 1ms
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 99 MB
PreferredMaxBytes: 512 KB
MaxChannels: 0
Kafka:
Brokers:
- 127.0.0.1:9092
Organizations:
Application: &ApplicationDefaults
Organizations:
Output of command line statements when executing Genesis Block
2017-08-18 16:50:37.015 IST [common/tools/configtxgen] main -> INFO 001 Loading configuration
2017-08-18 16:50:37.175 IST [common / tools / configtxgen] doOutputBlock - > INFO 002生成创世块2017-08-18 16:50:37.179 IST [common / tools / configtxgen] doOutputBlock - > INFO 003 Writing成因块
Output of Genesis Block
<1.{��������G<&�����n��ix*s!�0
�0
�0
t
����"system*@d6a8b389f09cd34562dda9af564c11bd28fed0ae9c42070f11a56c678b19e704h�N�b����S���>%��_bٮ�/
�/�/�
Consortiums��
SampleConsortium��
PeerOrg��
MSP���
PeerOrg�-----BEGIN CERTIFICATE-----
MIICKzCCAdGgAwIBAgIQCxUbHYlT+2GRvjnArG6gZjAKBggqhkjOPQQDAjBnMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy
YW5jaXNjbzETMBEGA1UEChMKY2FyZmF4LmNvbTEWMBQGA1UEAxMNY2EuY2FyZmF4
LmNvbTAeFw0xNzA4MTgxMTIwMzZaFw0yNzA4MTYxMTIwMzZaMGcxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2Nv
MRMwEQYDVQQKEwpjYXJmYXguY29tMRYwFAYDVQQDEw1jYS5jYXJmYXguY29tMFkw
EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEUufxUYHLgvaxfm6AObKj60v4dIwd0/gT
Xd17VLEWlUpNR63se9yjzIbKzBw2rxje+9GalDDOaNJzFG+XXNz6wKNfMF0wDgYD
VR0PAQH/BAQDAgGmMA8GA1UdJQQIMAYGBFUdJQAwDwYDVR0TAQH/BAUwAwEB/zAp
BgNVHQ4EIgQgEk7d6Qvvq5FBNjXfHh0Fa4MjzHXcsIKg0+B+vdZT6D8wCgYIKoZI
zj0EAwIDSAAwRQIhAI7atq+JHSmzBwZ034y6u54+uBPe+S9qyqrTVDQ9a6RoAiBG
n8WRFVKobSeMJR6igf78tAjWVuSdEhhBJV2rGKmD1Q==
-----END CERTIFICATE-----
"�-----BEGIN CERTIFICATE-----
MIICBzCCAa2gAwIBAgIQfWg0mgPDxGOBJpfWRqJ3tzAKBggqhkjOPQQDAjBnMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy
YW5jaXNjbzETMBEGA1UEChMKY2FyZmF4LmNvbTEWMBQGA1UEAxMNY2EuY2FyZmF4
LmNvbTAeFw0xNzA4MTgxMTIwMzZaFw0yNzA4MTYxMTIwMzZaMFUxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2Nv
MRkwFwYDVQQDDBBBZG1pbkBjYXJmYXguY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0D
AQcDQgAEWmAAX6Xj0/H7a5S6K5lA7u1pQLYZ/6iTTLn2E1JTWTd0jI5sh0zcL9qf
dkfIk/8G0u6rLUA8WDv0EZqvi8Mt8KNNMEswDgYDVR0PAQH/BAQDAgeAMAwGA1Ud
EwEB/wQCMAAwKwYDVR0jBCQwIoAgEk7d6Qvvq5FBNjXfHh0Fa4MjzHXcsIKg0+B+
vdZT6D8wCgYIKoZIzj0EAwIDSAAwRQIhAI3IKnk6Rxw3s78GuTpwiVjObwR1ylOo
juILM99AMMFrAiAUx31MEvAZaw89QQ8KirZzl/JnCERoQ0kz8ov3jiFJzA==
-----END CERTIFICATE-----
B
SHA2SHA256J�-----BEGIN CERTIFICATE-----
MIICMDCCAdegAwIBAgIQbuC39Z6/ccEP3hMMe5cGSjAKBggqhkjOPQQDAjBqMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy
YW5jaXNjbzETMBEGA1UEChMKY2FyZmF4LmNvbTEZMBcGA1UEAxMQdGxzY2EuY2Fy
ZmF4LmNvbTAeFw0xNzA4MTgxMTIwMzZaFw0yNzA4MTYxMTIwMzZaMGoxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNp
c2NvMRMwEQYDVQQKEwpjYXJmYXguY29tMRkwFwYDVQQDExB0bHNjYS5jYXJmYXgu
Y29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE2oEQ9GicVdKYvI9pHj3iWb4P
rjT7VO8weBDbDe0/MfxwhDsXe5uReASpL2YcbUYb1nCc/n9z/qvq23LXzPusaKNf
MF0wDgYDVR0PAQH/BAQDAgGmMA8GA1UdJQQIMAYGBFUdJQAwDwYDVR0TAQH/BAUw
AwEB/zApBgNVHQ4EIgQg/o+D3yG/Yzjm3Ka2AcI8VU63RSvF8aHIvnD10/EQtZgw
CgYIKoZIzj0EAwIDRwAwRAIgXM/MWiZFfRQdAy1ybRHV8/A2IO8Xu6+aIKcSK5kF
mXgCIBFDIzDA0DjeO0O3F7dBEf3nbiSvCQgIBQQbjGKm15+D
-----END CERTIFICATE-----
Admins"1
Admins'
PeerOrgAdmins"0
Readers%
PeerOrgAdmins"0
Writers%
PeerOrgAdmins*Admins@
ChannelCreationPolicy'
Admins/Channel/Orderer/Admins*/Channel/Orderer/Admins"
AdminsAdmins*/Channel/Orderer/Admins�
Orderer��
OrdererOrg��
MSP���
OrdererOrg�-----BEGIN CERTIFICATE-----
MIICJzCCAc6gAwIBAgIRAIMBXTi8vzqOVhQiXB+ovQMwCgYIKoZIzj0EAwIwZTEL
MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG
cmFuY2lzY28xEjAQBgNVBAoTCWhvbmRhLmNvbTEVMBMGA1UEAxMMY2EuaG9uZGEu
Y29tMB4XDTE3MDgxODExMjAzNloXDTI3MDgxNjExMjAzNlowZTELMAkGA1UEBhMC
VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28x
EjAQBgNVBAoTCWhvbmRhLmNvbTEVMBMGA1UEAxMMY2EuaG9uZGEuY29tMFkwEwYH
KoZIzj0CAQYIKoZIzj0DAQcDQgAEm3VY12jlinzimYav4K39anZGIyd7DrygL7fV
b57S7tpvwTXWfGNt58tDBf584w1Bw7Yr6M3unJjWfNj7VaLwd6NfMF0wDgYDVR0P
AQH/BAQDAgGmMA8GA1UdJQQIMAYGBFUdJQAwDwYDVR0TAQH/BAUwAwEB/zApBgNV
HQ4EIgQgMfMrGCUNqJqCehc2xsAYVyWqVTV3jYDcnmkyBhtFSGcwCgYIKoZIzj0E
AwIDRwAwRAIgMrdpDfMnULyS2dMtjfdWGAXPxDj4URM0nelcSjOpmAoCIB24mFvn
C34fP8icL0QVIOf+mPin2jD4HgsDP58dDFtu
-----END CERTIFICATE-----
"�-----BEGIN CERTIFICATE-----
MIICBDCCAaqgAwIBAgIQOHnvuaxK4NLP1+Qb7OIm+DAKBggqhkjOPQQDAjBlMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy
YW5jaXNjbzESMBAGA1UEChMJaG9uZGEuY29tMRUwEwYDVQQDEwxjYS5ob25kYS5j
b20wHhcNMTcwODE4MTEyMDM2WhcNMjcwODE2MTEyMDM2WjBUMQswCQYDVQQGEwJV
UzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEY
MBYGA1UEAwwPQWRtaW5AaG9uZGEuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
QgAEUe6whrR0aqrwMJ+kKZaAetMAYmBON4S9yu0VPaGDuaEmQufj6guOFP6eQ+6A
LPRa1LaDEWAO0sPg9xtSc2P0MaNNMEswDgYDVR0PAQH/BAQDAgeAMAwGA1UdEwEB
/wQCMAAwKwYDVR0jBCQwIoAgMfMrGCUNqJqCehc2xsAYVyWqVTV3jYDcnmkyBhtF
SGcwCgYIKoZIzj0EAwIDSAAwRQIhAMS9lF1z1wyp90zW2rgrIz7m0iX/hCUyR15N
kSPTuzTQAiB6HWU0nabnzQHOcWwalz4WoCeIJRA6kjpQoP7yq7JmrQ==
-----END CERTIFICATE-----
B
SHA2SHA256J�-----BEGIN CERTIFICATE-----
MIICLjCCAdSgAwIBAgIRAP+2jzBK3BFU8vDd0QvneV4wCgYIKoZIzj0EAwIwaDEL
MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG
cmFuY2lzY28xEjAQBgNVBAoTCWhvbmRhLmNvbTEYMBYGA1UEAxMPdGxzY2EuaG9u
ZGEuY29tMB4XDTE3MDgxODExMjAzNloXDTI3MDgxNjExMjAzNlowaDELMAkGA1UE
BhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFuY2lz
Y28xEjAQBgNVBAoTCWhvbmRhLmNvbTEYMBYGA1UEAxMPdGxzY2EuaG9uZGEuY29t
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE3vaA4FhLDOMH7h39Ih2ivixOlg+n
OI7+mF0GQrG8f2qop4gSaZQwtVIj5MpzTBcKqaa0l0k8FDdlobDtJ94QVKNfMF0w
DgYDVR0PAQH/BAQDAgGmMA8GA1UdJQQIMAYGBFUdJQAwDwYDVR0TAQH/BAUwAwEB
/zApBgNVHQ4EIgQgxL6aI6nufoznFDDukcIWHhrAYIrNu7tNFYfHsoxgX0IwCgYI
KoZIzj0EAwIDSAAwRQIhAJ5fLjps0Fq0r0l0Vfi1/35TMYgo9/6rNRkjnCZ3xPEV
AiAVbQba7Pg9s8Ej6ok2zta1biohj5+k/flDM5KXM1NfOg==
-----END CERTIFICATE-----
Admins"4
Admins*
OrdererOrgAdmins"3
Readers(
OrdererOrgAdmins"3
Writers(
OrdererOrgAdmins*Admins!
ConsensusType
soloAdmins"
BatchSize
���1�� Admins
BatchTimeout
1msAdmins
ChannelRestrictionsAdmins"*
ockValidation
WritersAdmins""
aders
ReadersAdmins""
iters
WritersAdmins""
Admins
AdminsAdmins*Admins&
HashingAlgorithm
SHA256Admins-
BlockDataHashingStructure����Admins;
OrdererAddresses'
node1:7050/Channel/Orderer/Admins""
aders
ReadersAdmins""
iters
WritersAdmins""
Admins
AdminsAdmins*Admins
5 回答
这通常表示 Channels 创建事务的签名者没有其中一个联盟组织的管理员权限,但是,由于其他一些原因,它可能表示失败 .
不幸的是,错误必须有点神秘,以避免泄漏有关财团或渠道成员资格的信息 . 要获得根本原因,您需要检查订货人日志 . 如果尚未设置,则需要在
orderer.yaml中将日志级别上调至debug,或者在启动订货人之前设置ORDERER_GENERAL_LOGLEVEL=debug. 在您的订货人日志中,您将看到与对等客户端输出相同的错误文本,但在前面的行中您将看到错误的其他原因 .最常见的原因是:
该标识不在组织的管理员列表中 .
组织证书未由组织CA链有效签名 .
订货人不知道身份的组织 .
其他一些不太可能的可能性因为您使用的是对等二进制而不是自定义代码
签名与标识或有符号字节不匹配 .
身份格式错误 .
假设orderer日志中的原因不明显,如果你在这里发布,我很乐意帮助诊断它们 .
哦,作为一个有用的提示 . 您可以使用
configtxgen -inspectBlock <genesis.block>查看更易读的Genesisblock版本 .编辑:回顾帖子的顶部我在orderer日志中看到此输出:
这表明证书声称由CA颁发,但未由订购者知道的CA签署(上面的错误类型2) . 如果您引导订购者,然后为您的环境重新生成加密材料而不删除订货人的存储目录,则通常会发生这种情况 .
重要的是要记住只有在系统尚未引导的情况下才会读取
ORDERER_GENERAL_GENESISFILE,因此更改订货人的创世块将不会产生任何影响,除非还删除了订货人存储 .这与TLS无关,因为请求已到达订货人 . 这是一个TLS问题 - 你不会得到以下错误:
现在,错误基本上意味着您尝试发送用于创建 Channels 的事务,但该事务是由不是 Channels 管理员的用户(客户端证书)签名的 .
您需要在命令前加上类似于this的内容:
以下解决方案适合我 .
进入对等的docker容器 . 转到
/etc/hyperledger/msp/users/Admin@org1.example.com/msp并运行export CORE_PEER_MSPCONFIGPATH=$PWD使用适当的标志再次运行
peer channel create命令 .在我的例子中,orderer的docker-compose文件中有一些缺少的条目:
ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]已更改为ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt, /etc/hyperledger/crypto/peerORG1/tls/ca.crt, /etc/hyperledger/crypto/peerORG2/tls/ca.crt, /etc/hyperledger/crypto/peerORG3/tls/ca.crt]然后它有效 .这是您可能想要检查的内容,特别是如果您有自定义设置 .
在我的情况下,唯一缺少的是正确定义
CORE_PEER_MSPCONFIGPATH. 使用面料1.1希望它能帮助他人 .