对等节点开始抛出 Could not find default pkcs11 BCCSP 错误

peer node start throwing Could not find default pkcs11 BCCSP error

我正在尝试 运行 启用 SoftHSM 的 Hyperledger fabric peer。 Fabric-ca-server 已经 运行 启用了 SoftHSM,并且所有证书都是在启用 HSM 的情况下生成的。

最初,当我尝试 运行 fabric-ca-server 时,它抛出了同样的错误 Could not find defaultPKCS11BCCSP

然后我发现有些人建议从源代码进行构建并修复了该错误。

现在我在 运行 peer node start 命令 bootstrap peer 时遇到同样的错误。

core.yaml上的BCCSP内容如下:

# BCCSP (Blockchain crypto provider): Select which crypto implementation or
    # library to use
    BCCSP:
        Default: PKCS11
        # Settings for the SW crypto provider (i.e. when DEFAULT: SW)
        SW:
            # TODO: The default Hash and Security level needs refactoring to be
            # fully configurable. Changing these defaults requires coordination
            # SHA2 is hardcoded in several places, not only BCCSP
            Hash: SHA2
            Security: 256
            # Location of Key Store
            FileKeyStore:
                # If "", defaults to 'mspConfigPath'/keystore
                KeyStore:
        # Settings for the PKCS#11 crypto provider (i.e. when DEFAULT: PKCS11)
        PKCS11:
            # Location of the PKCS11 module library
            Library: /usr/local/lib/softhsm/libsofthsm2.so
            # Token Label
            Label: ForFabric
            # User PIN
            Pin: 98765432
            Hash: SHA2
            Security: 256
            FileKeyStore:
                KeyStore: /home/akshay/dev/fabric-ca/fabric-ca-client/peerOrg/msp/keystore

我运行时的错误peer node start:

$ peer node start
2018-12-28 14:48:50.508 IST [main] InitCmd -> ERRO 001 Cannot run peer because error when setting up MSP of type bccsp from directory /home/akshay/dev/fabric-ca/fabric-ca-client/peerOrg/msp: could not initialize BCCSP Factories: Failed initializing BCCSP.: Could not initialize BCCSP SW [Failed to initialize software key store: An invalid KeyStore path provided. Path cannot be an empty string.]
Could not find default `PKCS11` BCCSP

我正在使用以下对等版本:

$ peer version
peer:
 Version: 1.4.0
 Commit SHA: 9cd9fce
 Go version: go1.11.2
 OS/Arch: linux/amd64
 Chaincode:
  Base Image Version: 0.4.14
  Base Docker Namespace: hyperledger
  Base Docker Label: org.hyperledger.fabric
  Docker Namespace: hyperledger

有两个问题:

1) 确保删除 core.yamlBCCSP 下的 SW: 部分 2) 默认情况下,对等二进制文件和 Docker 映像都是在不支持 PCKS11 的情况下构建的。您可以使用 GO_TAGS=pkcs11 make peer

自己构建对等二进制文件