Error: access denied for [JoinChain][mychannel]: [Failed verifying proposal's creator satisfies MSP policy [Admins]: [This identity is not an admin]]
Error: access denied for [JoinChain][mychannel]: [Failed verifying proposal's creator satisfies MSP policy [Admins]: [This identity is not an admin]]
joinChannel.js 给出以下错误:
Successfully loaded peeradmin from persistence
{ block:
{ header:
{ number: [Object],
previous_hash: [Object],
data_hash: [Object] },
data: { data: [Array] },
metadata: { metadata: [Array] } } }
error: [client-utils.js]: sendPeersProposal - Promise is rejected: Error: access denied for [JoinChain][mychannel]: [Failed verifying that proposal's creator satisfies local MSP principal during channelless check policy with policy [Admins]: [This identity is not an admin]]
not good
确切地说,抱怨的错误是什么?我无法确定它是对等管理私钥、对等管理证书、对等 tls 证书还是其他配置。我获取了同行管理员证书并将其添加到 IBP 仪表板并执行了 "Sync Certificates"。要检查哪些内容以确保我确实为管理员指定了正确的凭据?
var Fabric_Client = require('fabric-client');
var path = require('path');
var fs = require('fs');
var fabric_client = new Fabric_Client();
var ordererTLSCert = fs.readFileSync('./orderercert.pem');
var peerAdminKey = Buffer.from(fs.readFileSync('./keystore-1.pem')).toString();
// var peerAdminCert = Buffer.from(fs.readFileSync('./admincert-1.pem')).toString()
var peerAdminCert = Buffer.from(fs.readFileSync('./signcert-1.pem')).toString();
fabric_client.setAdminSigningIdentity(peerAdminKey, peerAdminCert, 'org2');
var channel = fabric_client.newChannel('mychannel');
var peer = fabric_client.newPeer('grpcs://169.xx.xx.xx:xxxxx', {
pem: peerTlsCert,
'ssl-target-name-override': null,
});
var orderer = fabric_client.newOrderer(
'grpcs://nfxxx-orderer.us08.blockchain.ibm.com:xxxxx',
{
pem: Buffer.from(ordererTLSCert).toString(),
'ssl-target-name-override': null,
}
);
channel.addPeer(peer);
channel.addOrderer(orderer);
var tx_id = null;
tx_id = fabric_client.newTransactionID(true);
let g_request = {
txId: tx_id,
// orderer,
};
channel
.getGenesisBlock(g_request)
.then(block => {
console.log({ block });
tx_id = fabric_client.newTransactionID(true);
let j_request = {
targets: peer,
block,
txId: tx_id,
};
return channel.joinChannel(j_request, 30000);
})
.then(results => {
console.log(results);
if (results && results[0].response && results[0].response.status == 200) {
// good
console.log('good');
} else {
console.log('not good');
// not good
}
})
.catch(err => {
console.error(err);
});
当您将节点加入频道时,需要使用节点本地管理员对交易进行签名。本地管理员由位于对等方 msp/admincerts 文件夹中的证书标识。
试试这个:
tx_id = fabric_client.newTransactionID(true);
您需要管理员权限才能创建或加入频道
joinChannel.js 给出以下错误:
Successfully loaded peeradmin from persistence
{ block:
{ header:
{ number: [Object],
previous_hash: [Object],
data_hash: [Object] },
data: { data: [Array] },
metadata: { metadata: [Array] } } }
error: [client-utils.js]: sendPeersProposal - Promise is rejected: Error: access denied for [JoinChain][mychannel]: [Failed verifying that proposal's creator satisfies local MSP principal during channelless check policy with policy [Admins]: [This identity is not an admin]]
not good
确切地说,抱怨的错误是什么?我无法确定它是对等管理私钥、对等管理证书、对等 tls 证书还是其他配置。我获取了同行管理员证书并将其添加到 IBP 仪表板并执行了 "Sync Certificates"。要检查哪些内容以确保我确实为管理员指定了正确的凭据?
var Fabric_Client = require('fabric-client');
var path = require('path');
var fs = require('fs');
var fabric_client = new Fabric_Client();
var ordererTLSCert = fs.readFileSync('./orderercert.pem');
var peerAdminKey = Buffer.from(fs.readFileSync('./keystore-1.pem')).toString();
// var peerAdminCert = Buffer.from(fs.readFileSync('./admincert-1.pem')).toString()
var peerAdminCert = Buffer.from(fs.readFileSync('./signcert-1.pem')).toString();
fabric_client.setAdminSigningIdentity(peerAdminKey, peerAdminCert, 'org2');
var channel = fabric_client.newChannel('mychannel');
var peer = fabric_client.newPeer('grpcs://169.xx.xx.xx:xxxxx', {
pem: peerTlsCert,
'ssl-target-name-override': null,
});
var orderer = fabric_client.newOrderer(
'grpcs://nfxxx-orderer.us08.blockchain.ibm.com:xxxxx',
{
pem: Buffer.from(ordererTLSCert).toString(),
'ssl-target-name-override': null,
}
);
channel.addPeer(peer);
channel.addOrderer(orderer);
var tx_id = null;
tx_id = fabric_client.newTransactionID(true);
let g_request = {
txId: tx_id,
// orderer,
};
channel
.getGenesisBlock(g_request)
.then(block => {
console.log({ block });
tx_id = fabric_client.newTransactionID(true);
let j_request = {
targets: peer,
block,
txId: tx_id,
};
return channel.joinChannel(j_request, 30000);
})
.then(results => {
console.log(results);
if (results && results[0].response && results[0].response.status == 200) {
// good
console.log('good');
} else {
console.log('not good');
// not good
}
})
.catch(err => {
console.error(err);
});
当您将节点加入频道时,需要使用节点本地管理员对交易进行签名。本地管理员由位于对等方 msp/admincerts 文件夹中的证书标识。
试试这个:
tx_id = fabric_client.newTransactionID(true);
您需要管理员权限才能创建或加入频道