Hyperledger fabric:TLS handshake failed with error remote error: tls: bad certificate server=Orderer remoteaddress
Hyperledger fabric:TLS handshake failed with error remote error: tls: bad certificate server=Orderer remoteaddress
这似乎是 HLF 通道创建命令中的常见问题
这是我创建频道的命令
peer channel create -o orderer1.workspace:7050 -c base-main-channel -f ./config/channel.tx --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/base.order/orderers/orderer1.base.order/msp/tlscacerts/tlsca.base.order-cert.pem
我从订单节点得到的错误是
ERRO 02d TLS handshake failed with error remote error: tls: bad certificate server=Orderer remoteaddress=172.23.0.7:36982
我试过这个问题的答案
但对我不起作用
我使用 raft 订购服务而不是 kafka
的唯一区别
这是我的 raft 配置
Raft:
<<: *ChannelDefaults
Capabilities:
<<: *ChannelCapabilities
Orderer:
<<: *OrdererDefaults
OrdererType: etcdraft
EtcdRaft:
Consenters:
- Host: orderer.base
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/base.order/orderers/orderer1.base.order/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/base.order/orderers/orderer1.base.order/tls/server.crt
Addresses:
- orderer.base:7050
您在 peer channel create 命令中为 --cafile 使用了不正确的文件夹路径。
而不是
--cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/base.order/orderers/orderer1.base.order/msp/tlscacerts/tlsca.base.order-cert.pem
使用
--cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/base.order/tlsca/tlsca.base.order-cert.pem
另一个解决方案是删除容器的卷
docker volume rm $(docker volume ls)
并重启网络
这似乎是 HLF 通道创建命令中的常见问题
这是我创建频道的命令
peer channel create -o orderer1.workspace:7050 -c base-main-channel -f ./config/channel.tx --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/base.order/orderers/orderer1.base.order/msp/tlscacerts/tlsca.base.order-cert.pem
我从订单节点得到的错误是
ERRO 02d TLS handshake failed with error remote error: tls: bad certificate server=Orderer remoteaddress=172.23.0.7:36982
我试过这个问题的答案
但对我不起作用
我使用 raft 订购服务而不是 kafka
这是我的 raft 配置
Raft:
<<: *ChannelDefaults
Capabilities:
<<: *ChannelCapabilities
Orderer:
<<: *OrdererDefaults
OrdererType: etcdraft
EtcdRaft:
Consenters:
- Host: orderer.base
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/base.order/orderers/orderer1.base.order/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/base.order/orderers/orderer1.base.order/tls/server.crt
Addresses:
- orderer.base:7050
您在 peer channel create 命令中为 --cafile 使用了不正确的文件夹路径。
而不是
--cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/base.order/orderers/orderer1.base.order/msp/tlscacerts/tlsca.base.order-cert.pem
使用
--cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/base.order/tlsca/tlsca.base.order-cert.pem
另一个解决方案是删除容器的卷
docker volume rm $(docker volume ls)
并重启网络