对等节点开始抛出 Could not find default pkcs11 BCCSP 错误
peer node start throwing Could not find default pkcs11 BCCSP error
我正在尝试 运行 启用 SoftHSM 的 Hyperledger fabric peer。 Fabric-ca-server 已经 运行 启用了 SoftHSM,并且所有证书都是在启用 HSM 的情况下生成的。
最初,当我尝试 运行 fabric-ca-server 时,它抛出了同样的错误 Could not find defaultPKCS11BCCSP。
然后我发现有些人建议从源代码进行构建并修复了该错误。
现在我在 运行 peer node start 命令 bootstrap peer 时遇到同样的错误。
core.yaml上的BCCSP内容如下:
# BCCSP (Blockchain crypto provider): Select which crypto implementation or
# library to use
BCCSP:
Default: PKCS11
# Settings for the SW crypto provider (i.e. when DEFAULT: SW)
SW:
# TODO: The default Hash and Security level needs refactoring to be
# fully configurable. Changing these defaults requires coordination
# SHA2 is hardcoded in several places, not only BCCSP
Hash: SHA2
Security: 256
# Location of Key Store
FileKeyStore:
# If "", defaults to 'mspConfigPath'/keystore
KeyStore:
# Settings for the PKCS#11 crypto provider (i.e. when DEFAULT: PKCS11)
PKCS11:
# Location of the PKCS11 module library
Library: /usr/local/lib/softhsm/libsofthsm2.so
# Token Label
Label: ForFabric
# User PIN
Pin: 98765432
Hash: SHA2
Security: 256
FileKeyStore:
KeyStore: /home/akshay/dev/fabric-ca/fabric-ca-client/peerOrg/msp/keystore
我运行时的错误peer node start:
$ peer node start
2018-12-28 14:48:50.508 IST [main] InitCmd -> ERRO 001 Cannot run peer because error when setting up MSP of type bccsp from directory /home/akshay/dev/fabric-ca/fabric-ca-client/peerOrg/msp: could not initialize BCCSP Factories: Failed initializing BCCSP.: Could not initialize BCCSP SW [Failed to initialize software key store: An invalid KeyStore path provided. Path cannot be an empty string.]
Could not find default `PKCS11` BCCSP
我正在使用以下对等版本:
$ peer version
peer:
Version: 1.4.0
Commit SHA: 9cd9fce
Go version: go1.11.2
OS/Arch: linux/amd64
Chaincode:
Base Image Version: 0.4.14
Base Docker Namespace: hyperledger
Base Docker Label: org.hyperledger.fabric
Docker Namespace: hyperledger
有两个问题:
1) 确保删除 core.yaml 中 BCCSP 下的 SW: 部分
2) 默认情况下,对等二进制文件和 Docker 映像都是在不支持 PCKS11 的情况下构建的。您可以使用 GO_TAGS=pkcs11 make peer
自己构建对等二进制文件
我正在尝试 运行 启用 SoftHSM 的 Hyperledger fabric peer。 Fabric-ca-server 已经 运行 启用了 SoftHSM,并且所有证书都是在启用 HSM 的情况下生成的。
最初,当我尝试 运行 fabric-ca-server 时,它抛出了同样的错误 Could not find defaultPKCS11BCCSP。
然后我发现有些人建议从源代码进行构建并修复了该错误。
现在我在 运行 peer node start 命令 bootstrap peer 时遇到同样的错误。
core.yaml上的BCCSP内容如下:
# BCCSP (Blockchain crypto provider): Select which crypto implementation or
# library to use
BCCSP:
Default: PKCS11
# Settings for the SW crypto provider (i.e. when DEFAULT: SW)
SW:
# TODO: The default Hash and Security level needs refactoring to be
# fully configurable. Changing these defaults requires coordination
# SHA2 is hardcoded in several places, not only BCCSP
Hash: SHA2
Security: 256
# Location of Key Store
FileKeyStore:
# If "", defaults to 'mspConfigPath'/keystore
KeyStore:
# Settings for the PKCS#11 crypto provider (i.e. when DEFAULT: PKCS11)
PKCS11:
# Location of the PKCS11 module library
Library: /usr/local/lib/softhsm/libsofthsm2.so
# Token Label
Label: ForFabric
# User PIN
Pin: 98765432
Hash: SHA2
Security: 256
FileKeyStore:
KeyStore: /home/akshay/dev/fabric-ca/fabric-ca-client/peerOrg/msp/keystore
我运行时的错误peer node start:
$ peer node start
2018-12-28 14:48:50.508 IST [main] InitCmd -> ERRO 001 Cannot run peer because error when setting up MSP of type bccsp from directory /home/akshay/dev/fabric-ca/fabric-ca-client/peerOrg/msp: could not initialize BCCSP Factories: Failed initializing BCCSP.: Could not initialize BCCSP SW [Failed to initialize software key store: An invalid KeyStore path provided. Path cannot be an empty string.]
Could not find default `PKCS11` BCCSP
我正在使用以下对等版本:
$ peer version
peer:
Version: 1.4.0
Commit SHA: 9cd9fce
Go version: go1.11.2
OS/Arch: linux/amd64
Chaincode:
Base Image Version: 0.4.14
Base Docker Namespace: hyperledger
Base Docker Label: org.hyperledger.fabric
Docker Namespace: hyperledger
有两个问题:
1) 确保删除 core.yaml 中 BCCSP 下的 SW: 部分
2) 默认情况下,对等二进制文件和 Docker 映像都是在不支持 PCKS11 的情况下构建的。您可以使用 GO_TAGS=pkcs11 make peer