时间戳

首页 > 解决方案 > 超级账本结构:找不到匹配的 SKI 私钥

hyperledger-fabric - 超级账本结构:找不到匹配的 SKI 私钥

问题描述

这是我在stackoverflow上的第一篇文章,通常我每次来stackoverflow时都会找到解决方案,但这次不是:(

我正在尝试为供应链实施超级账本结构解决方案。我可以执行通道、链码、addpeers...我还可以通过终端实例化和调用链码。

我想用 node sdk 创建一个与我的区块链交互的应用程序,所以我想使用fabric-ca。下面是我的 docker-compose-base.yaml 文件:

ca_acheteur.example.com:
 image: hyperledger/fabric-ca
 environment:
   - FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
   - FABRIC_CA_SERVER_CA_NAME=ca_acheteur.example.com                               
   - FABRIC_CA_SERVER_CA_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.acheteur.example.com-cert.pem
   - FABRIC_CA_SERVER_CA_KEYFILE=/etc/hyperledger/fabric-ca-server-config/abef4d982d505c588c15bf25af3270f403c94daff71301e37a9c84abe41e6c71_sk
 ports:
   - "7054:7054"
 command: sh -c 'fabric-ca-server start -b admin:adminpw'
 volumes:
   - ./crypto-config/peerOrganizations/org1.example.com/ca/:/etc/hyperledger/fabric-ca-server-config
 container_name: ca_acheteur.example.com
 networks:
   - basic
ca_vendeur.example.com:
 image: hyperledger/fabric-ca
 environment:
   - FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
   - FABRIC_CA_SERVER_CA_NAME=ca_vendeur.example.com
   - FABRIC_CA_SERVER_CA_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.vendeur.example.com-cert.pem
   - FABRIC_CA_SERVER_CA_KEYFILE=/etc/hyperledger/fabric-ca-server-config/42ecb9a24235f691c5392d7eecebc458827b00bf0bf150fd727298b321b6d51d_sk
 ports:
   - "8054:8054"
 command: sh -c 'fabric-ca-server start -b admin:adminpw'
 volumes:
   - ./crypto-config/peerOrganizations/vendeur.example.com/ca/:/etc/hyperledger/fabric-ca-server-config
 container_name: ca_vendeur.example.com
 networks:
   - basic

当我启动容器时,我得到这个结果:

Creating ca_acheteur.example.com           ... done
Creating peer0.acheteur.example.com        ... done
Creating peer0.vendeur.example.com         ... done
Creating ca_vendeur.example.com            ... done
Creating orderer.example.com               ... done
Creating couchdb                           ... done
Creating cli                               ... done

CA 容器失败,下面是 docker 日志:

2018/06/19 17:10:01 [INFO] Created default configuration file at /etc/hyperledger/fabric-ca-server/fabric-ca-server-config.yaml
2018/06/19 17:10:01 [INFO] Starting server in home directory: /etc/hyperledger/fabric-ca-server
2018/06/19 17:10:01 [INFO] Server Version: 1.1.0
2018/06/19 17:10:01 [INFO] Server Levels: &{Identity:1 Affiliation:1 Certificate:1}
Error: Failed to find private key for certificate in '/etc/hyperledger/fabric-ca-server-config/ca.vendeur.example.com-cert.pem': Could not find matching private key for SKI: Failed getting key for SKI [[159 75 128 227 121 9 61 98 235 18 118 191 43 69 158 184 170 52 121 51 27 147 132 228 64 195 35 218 6 9 158 30]]: Key with SKI 9f4b80e379093d62eb1276bf2b459eb8aa3479331b9384e440c323da06099e1e not found in /etc/hyperledger/fabric-ca-server/msp/keystore

FABRIC_CA_SERVER_CA_KEYFILE 与我在同行上的本地 ca 相同。

让我知道我在这里缺少什么。

标签: hyperledger-fabric

解决方案

这是ca的私钥问题。执行 generate.sh 脚本后,将生成新证书。因此,您必须更新 docker-compose.yml 文件。

从路径粘贴文件名--> crypto-config/peerOrganizations/org1.example.com/ca/_____-sk

在 docker-compose.yml 文件中---->

环境

- FABRIC_CA_SERVER_CA_KEYFILE=/etc/hyperledger/fabric-ca-server-config/___-sk

推荐阅读