Could not initialize BCCSP Factories: Could not find default `PKCS11` BCCSP

I am running Hyperledger Fabric v2.2.3 from the GitHub release, on Oracle Linux 8.4.
https://github.com/hyperledger/fabric/releases/download/v2.3.3/hyperledger-fabric-linux-amd64-2.3.3.tar.gz

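I am running the orderer and peer without Docker.
I am running PKCS11, using SoftHSM 2.5.0 without Fabric CA.
I have also set up PKCS11 following the guide in the official documentation.
https://hyperledger-fabric.readthedocs.io/en/release-2.2/hsm.html
I have also read this Stack Overflow post, which says the SW section needs to be removed.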

I successfully generated the token and the certificates for the orderer and the peer.
My orderer starts up successfully, but my peer does not.

Question: Are the prebuilt peer binaries in the GitHub release v2.2.3 not built with PKCS11 enabled?
Do I need to build the peer myself to enable PKCS11 support?

2021-09-15 10:05:50.583 +08 [bccsp] GetDefault -> DEBU 001 Before using BCCSP, please call InitFactories(). Falling back to bootBCCSP.
2021-09-15 10:05:50.585 +08 [bccsp] GetDefault -> DEBU 002 Before using BCCSP, please call InitFactories(). Falling back to bootBCCSP.
2021-09-15 10:05:50.594 +08 [bccsp] GetDefault -> DEBU 003 Before using BCCSP, please call InitFactories(). Falling back to bootBCCSP.
2021-09-15 10:05:50.595 +08 [main] InitCmd -> ERRO 004 Cannot run peer because error when setting up MSP of type bccsp from directory /appl/blockchain/peerOrganizations/org1/users/Admin@org1/msp: could not initialize BCCSP Factories: Could not find default `PKCS11` BCCSP

My peer's core.yaml:

    BCCSP:
        Default: PKCS11

        PKCS11:
            Library: /appl/softhsm/lib/softhsm/libsofthsm2.so
            Label: fabric
            Pin: 123456
            Hash: SHA2
            Security: 256
            Immutable: false

My directory structure and files on the peer.
You can ignore tls, as I am not using any TLS right now.

[user@hyperledgerfabric org1]# tree users
users
└── Admin@org1
    ├── msp
    │   ├── admincerts
    │   ├── cacerts
    │   │   └── ca.org1-cert.pem -> ../../../../ca/ca.org1-cert.pem
    │   ├── config.yaml
    │   ├── keystore
    │   ├── signcerts
    │   │   └── Admin@org1-cert.pem
    │   └── tlscacerts
    │       └── tlsca.org1-cert.pem -> ../../../../tlsca/tlsca.org1-cert.pem
    └── tls
        ├── ca.crt -> ../../../tlsca/tlsca.org1-cert.pem
        ├── client.crt
        └── client.csr

Update after compiling the peer with PKCS11 enabled:

Now it gives an error that KeyMaterial cannot be found:

2021-09-17 10:50:44.513 +08 [bccsp_p11] getECKey -> DEBU 019 Private key not found [Key not found [00000000  9e c0 9a a7 5c df 5b 13  25 61 15 a4 d2 8c f3 ba  |....\.[.%a......|
00000010  90 c4 15 10 b5 e0 a6 48  de fd 23 96 14 29 b1 83  |.......H..#..)..|
]] for SKI [9ec09aa75cdf5b13256115a4d28cf3ba90c41510b5e0a648defd23961429b183], looking for Public key
2021-09-17 10:50:44.515 +08 [bccsp_p11] GetKey -> DEBU 01a Key not found using PKCS11: Public key not found [Key not found [00000000  9e c0 9a a7 5c df 5b 13  25 61 15 a4 d2 8c f3 ba  |....\.[.%a......|
00000010  90 c4 15 10 b5 e0 a6 48  de fd 23 96 14 29 b1 83  |.......H..#..)..|
]] for SKI [9ec09aa75cdf5b13256115a4d28cf3ba90c41510b5e0a648defd23961429b183]
2021-09-17 10:50:44.515 +08 [msp] getSigningIdentityFromConf -> DEBU 01b Could not find SKI [9ec09aa75cdf5b13256115a4d28cf3ba90c41510b5e0a648defd23961429b183], trying KeyMaterial field: Key not found. This is a dummy KeyStore
Failed getting key for SKI [[158 192 154 167 92 223 91 19 37 97 21 164 210 140 243 186 144 196 21 16 181 224 166 72 222 253 35 150 20 41 177 131]]
github.com/hyperledger/fabric/bccsp/sw.(*CSP).GetKey
        /appl/src/fabric-2.2.3/bccsp/sw/impl.go:170
github.com/hyperledger/fabric/bccsp/pkcs11.(*impl).GetKey
        /appl/src/fabric-2.2.3/bccsp/pkcs11/pkcs11.go:257
github.com/hyperledger/fabric/msp.(*bccspmsp).getSigningIdentityFromConf
        /appl/src/fabric-2.2.3/msp/mspimpl.go:220
github.com/hyperledger/fabric/msp.(*bccspmsp).setupSigningIdentity
        /appl/src/fabric-2.2.3/msp/mspimplsetup.go:401
github.com/hyperledger/fabric/msp.(*bccspmsp).preSetupV142
        /appl/src/fabric-2.2.3/msp/mspimplsetup.go:586
github.com/hyperledger/fabric/msp.(*bccspmsp).setupV142
        /appl/src/fabric-2.2.3/msp/mspimplsetup.go:647
github.com/hyperledger/fabric/msp.(*bccspmsp).Setup
        /appl/src/fabric-2.2.3/msp/mspimpl.go:267
github.com/hyperledger/fabric/msp/cache.(*cachedMSP).Setup
        /appl/src/fabric-2.2.3/msp/cache/cache.go:88
github.com/hyperledger/fabric/msp/mgmt.LoadLocalMspWithType
        /appl/src/fabric-2.2.3/msp/mgmt/mgmt.go:33
github.com/hyperledger/fabric/internal/peer/common.InitCrypto
        /appl/src/fabric-2.2.3/internal/peer/common/common.go:144
github.com/hyperledger/fabric/internal/peer/common.InitCmd
        /appl/src/fabric-2.2.3/internal/peer/common/common.go:324
github.com/hyperledger/fabric/internal/peer/channel.glob..func1
        /appl/src/fabric-2.2.3/internal/peer/channel/channel.go:102
github.com/spf13/cobra.(*Command).execute
        /appl/src/fabric-2.2.3/vendor/github.com/spf13/cobra/command.go:746
github.com/spf13/cobra.(*Command).ExecuteC
        /appl/src/fabric-2.2.3/vendor/github.com/spf13/cobra/command.go:852
github.com/spf13/cobra.(*Command).Execute
        /appl/src/fabric-2.2.3/vendor/github.com/spf13/cobra/command.go:800
main.main
        /appl/src/fabric-2.2.3/cmd/peer/main.go:54
runtime.main
        /appl/go/src/runtime/proc.go:255
runtime.goexit
        /appl/go/src/runtime/asm_amd64.s:1581
2021-09-17 10:50:44.515 +08 [main] InitCmd -> ERRO 01c Cannot run peer because error when setting up MSP of type bccsp from directory /appl/blockchain/peerOrganizations/org1/users/Admin@org1/msp: KeyMaterial not found in SigningIdentityInfo

Here are the token and objects in SoftHSM:

[user@hyperledgerfabric ~]# pkcs11-tool --module /appl/softhsm/lib/softhsm/libsofthsm2.so --token-label "fabric" --list-objects
Certificate Object; type = X.509 cert
  label:      tlspeer.org1
  subject:    DN: C=MY, ST=Wilayah Persekutuan Kuala Lumpur, L=Kuala Lumpur, O=Default Company Ltd, CN=peer.org1
  ID:         746c73706565722e66696e6578757367726f75702e636f6d0a
Certificate Object; type = X.509 cert
  label:      orderer.ordererOrg
  subject:    DN: C=MY, ST=Wilayah Persekutuan Kuala Lumpur, L=Kuala Lumpur, O=ordererOrg, OU=orderer, CN=orderer.ordererOrg
  ID:         6f7264657265722e68616c616c666f6f6470672e66696e6578757367726f75702e636f6d0a
Public Key Object; EC  EC_POINT 256 bits
  EC_POINT:   044104f8cab0e26330c5cde55afb3ffbffe0fee8a96cca7fcb08d7360e736b21552a337f0f29b1f68d708b296dcdc75922a9e709ffad6a3f3863f6ae039a71fac49d06
  EC_PARAMS:  06082a8648ce3d030107
  label:      tlspeer.org1
  ID:         746c73706565722e66696e6578757367726f75702e636f6d0a
  Usage:      encrypt, verify, wrap, derive
  Access:     local
Public Key Object; EC  EC_POINT 256 bits
  EC_POINT:   044104ae4ae570e763654d9fa9f3bec3ffddde7402044153c32f3490e8f8d5a4c90be884385237fa9659914730ff38751bb3b9c8b046f7e9e6dc52b134ae247ff40ed0
  EC_PARAMS:  06082a8648ce3d030107
  label:      tlsorderer.ordererOrg
  ID:         746c736f7264657265722e68616c616c666f6f6470672e66696e6578757367726f75702e636f6d0a
  Usage:      encrypt, verify, wrap, derive
  Access:     local
Public Key Object; EC  EC_POINT 256 bits
  EC_POINT:   04410458679db1f667a4bcf3c0b13f62e80fe9a9d4982881b7772f192e9cabc20158e33299856d995a0fbbd7523fa69e9fe3e5543c8ea5e0dc327348ece7625cb96860
  EC_PARAMS:  06082a8648ce3d030107
  label:      tlsca.org1
  ID:         746c7363612e66696e6578757367726f75702e636f6d0a
  Usage:      encrypt, verify, wrap, derive
  Access:     local
Public Key Object; EC  EC_POINT 256 bits
  EC_POINT:   0441047bfd15d2a4e46e74a77d4000c48235f2a9781842b3716b3c5cf26a0519766e75e49c0aac9c5939e0d54f8070acb2a82f232a5627abc4e9d2e00fc9adc1f6c66d
  EC_PARAMS:  06082a8648ce3d030107
  label:      peer.org1
  ID:         706565722e66696e6578757367726f75702e636f6d0a
  Usage:      encrypt, verify, wrap, derive
  Access:     local
Certificate Object; type = X.509 cert
  label:      tlsAdmin@org1
  subject:    DN: C=MY, ST=Wilayah Persekutuan Kuala Lumpur, L=Kuala Lumpur, O=Default Company Ltd, CN=Admin@org1
  ID:         746c7341646d696e4066696e6578757367726f75702e636f6d0a
Certificate Object; type = X.509 cert
  label:      ca.org1
  subject:    DN: C=MY, ST=Wilayah Persekutuan Kuala Lumpur, L=Kuala Lumpur, O=org1, CN=ca.org1
  ID:         63612e66696e6578757367726f75702e636f6d0a
Public Key Object; EC  EC_POINT 256 bits
  EC_POINT:   044104de510ebd9f4de1dede7fb602ce17404222565b1214af54807d13b5fca21027e8f004efe5f924cfa5ada25db85757bbd887a5071ade0a0e13247ce5075ef36562
  EC_PARAMS:  06082a8648ce3d030107
  label:      ca.org1
  ID:         63612e66696e6578757367726f75702e636f6d0a
  Usage:      encrypt, verify, wrap, derive
  Access:     local
Certificate Object; type = X.509 cert
  label:      Admin@ordererOrg
  subject:    DN: C=MY, ST=Wilayah Persekutuan Kuala Lumpur, L=Kuala Lumpur, O=ordererOrg, OU=admin, CN=Admin@ordererOrg
  ID:         41646d696e4068616c616c666f6f6470672e66696e6578757367726f75702e636f6d0a
Certificate Object; type = X.509 cert
  label:      tlsca.ordererOrg
  subject:    DN: C=MY, ST=Wilayah Persekutuan Kuala Lumpur, L=Kuala Lumpur, O=ordererOrg, CN=tlsca.ordererOrg
  ID:         746c7363612e68616c616c666f6f6470672e66696e6578757367726f75702e636f6d0a
Certificate Object; type = X.509 cert
  label:      tlsca.org1
  subject:    DN: C=MY, ST=Wilayah Persekutuan Kuala Lumpur, L=Kuala Lumpur, O=org1, CN=tlsca.org1
  ID:         746c7363612e66696e6578757367726f75702e636f6d0a
Public Key Object; EC  EC_POINT 256 bits
  EC_POINT:   0441040c778079386f8febd1b72bd4c04b387117ae83109cfbccb85c3a6d9f36fe195567c657bf14ea49fb6991bacd505469c07818e2ab34befee3a0d2f44f0ed4bfee
  EC_PARAMS:  06082a8648ce3d030107
  label:      Admin@ordererOrg
  ID:         41646d696e4068616c616c666f6f6470672e66696e6578757367726f75702e636f6d0a
  Usage:      encrypt, verify, wrap, derive
  Access:     local
Certificate Object; type = X.509 cert
  label:      tlsorderer.ordererOrg
  subject:    DN: C=MY, ST=Wilayah Persekutuan Kuala Lumpur, L=Kuala Lumpur, O=Default Company Ltd, CN=orderer.ordererOrg
  ID:         746c736f7264657265722e68616c616c666f6f6470672e66696e6578757367726f75702e636f6d0a
Certificate Object; type = X.509 cert
  label:      peer.org1
  subject:    DN: C=MY, ST=Wilayah Persekutuan Kuala Lumpur, L=Kuala Lumpur, O=org1, OU=peer, CN=peer.org1
  ID:         706565722e66696e6578757367726f75702e636f6d0a
Public Key Object; EC  EC_POINT 256 bits
  EC_POINT:   044104372fd1ef78bd6ed5ee952c177fc1990cf20c6aebc72106f54bd9a6423192aa1ed5698447618b5ea2b0569508c8dce3587e94268e570734396bcda60650a6d17a
  EC_PARAMS:  06082a8648ce3d030107
  label:      orderer.ordererOrg
  ID:         6f7264657265722e68616c616c666f6f6470672e66696e6578757367726f75702e636f6d0a
  Usage:      encrypt, verify, wrap, derive
  Access:     local
Public Key Object; EC  EC_POINT 256 bits
  EC_POINT:   04410445fe15a00a608ccae5db578277fb2d31d14193161a317e2a9145be9a0dcfdadff534b2ee86fe0872ba1ef9a5868b7c23439544a7c0880485442053217e5a9239
  EC_PARAMS:  06082a8648ce3d030107
  label:      tlsca.ordererOrg
  ID:         746c7363612e68616c616c666f6f6470672e66696e6578757367726f75702e636f6d0a
  Usage:      encrypt, verify, wrap, derive
  Access:     local
Public Key Object; EC  EC_POINT 256 bits
  EC_POINT:   0441045ff498d46abb2dc1bb915a97d29b0713b3e448e2bc3253e83e972f7812c5d4a556a04dafb175630e45d97481e71476eef74a8439c5afe8b0a2d0c85bdc2ef282
  EC_PARAMS:  06082a8648ce3d030107
  label:      Admin@org1
  ID:         41646d696e4066696e6578757367726f75702e636f6d0a
  Usage:      encrypt, verify, wrap, derive
  Access:     local
Public Key Object; EC  EC_POINT 256 bits
  EC_POINT:   04410487a8c34237457651cb0b87c6559d7d4fc6e055cf17fec1b2a42f6f22bbc0b4ea3d02b1336bc5d4cc8267dd01ce081a8ebd6d18ba8e41c2e241bda2bfdbdcb980
  EC_PARAMS:  06082a8648ce3d030107
  label:      ca.ordererOrg
  ID:         63612e68616c616c666f6f6470672e66696e6578757367726f75702e636f6d0a
  Usage:      encrypt, verify, wrap, derive
  Access:     local
Certificate Object; type = X.509 cert
  label:      tlsAdmin@ordererOrg
  subject:    DN: C=MY, ST=Wilayah Persekutuan Kuala Lumpur, L=Kuala Lumpur, O=Default Company Ltd, CN=Admin@ordererOrg
  ID:         746c7341646d696e4068616c616c666f6f6470672e66696e6578757367726f75702e636f6d0a
Public Key Object; EC  EC_POINT 256 bits
  EC_POINT:   0441040c7c76519783ed1015354fa8e6130c340bcb89f10238da9f80d002bdc53851a30af2a2114697ba9832ec813506764399b370b1ccf664551b8730b083d198e933
  EC_PARAMS:  06082a8648ce3d030107
  label:      tlsAdmin@org1
  ID:         746c7341646d696e4066696e6578757367726f75702e636f6d0a
  Usage:      encrypt, verify, wrap, derive
  Access:     local
Public Key Object; EC  EC_POINT 256 bits
  EC_POINT:   044104f0e26cf7dcee25b140769ed1ffd5e2b26608524656ea844d183e655c3be614da1b24b6503b36b3de72ceda78bb7535560eb40090016c810b92cf42a39ef9c587
  EC_PARAMS:  06082a8648ce3d030107
  label:      tlsAdmin@ordererOrg
  ID:         746c7341646d696e4068616c616c666f6f6470672e66696e6578757367726f75702e636f6d0a
  Usage:      encrypt, verify, wrap, derive
  Access:     local
Certificate Object; type = X.509 cert
  label:      Admin@org1
  subject:    DN: C=MY, ST=Wilayah Persekutuan Kuala Lumpur, L=Kuala Lumpur, O=org1, OU=admin, CN=Admin@org1
  ID:         41646d696e4066696e6578757367726f75702e636f6d0a
Certificate Object; type = X.509 cert
  label:      ca.ordererOrg
  subject:    DN: C=MY, ST=Wilayah Persekutuan Kuala Lumpur, L=Kuala Lumpur, O=ordererOrg, CN=ca.ordererOrg
  ID:         63612e68616c616c666f6f6470672e66696e6578757367726f75702e636f6d0a
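
Added example, not part of the original post or of Fabric's own code: Fabric's PKCS11 provider searches the token for an object whose CKA_ID equals the SKI, and for an ECDSA key the SKI is the SHA-256 of the uncompressed EC point. The Go sketch below recomputes that value from an `EC_POINT` line of the listing above and checks whether a lookup by SKI would find the object; `Object`, `FabricSKI` and `Lookup` are names made up for this example.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Object is one public-key entry as printed by `pkcs11-tool --list-objects`.
type Object struct {
	Label, ID, ECPoint string // label, CKA_ID (hex), EC_POINT (hex, DER OCTET STRING)
}

// FabricSKI returns hex(SHA-256(0x04 || X || Y)) for a P-256 EC_POINT value.
func FabricSKI(ecPointHex string) (string, error) {
	der, err := hex.DecodeString(ecPointHex)
	if err != nil {
		return "", err
	}
	// Expect tag 0x04 (OCTET STRING), length 0x41, then the 65-byte uncompressed point.
	if len(der) != 67 || der[0] != 0x04 || der[1] != 0x41 || der[2] != 0x04 {
		return "", errors.New("not a DER-wrapped uncompressed P-256 point")
	}
	sum := sha256.Sum256(der[2:])
	return hex.EncodeToString(sum[:]), nil
}

// Lookup mimics a search by CKA_ID == SKI and reports the label it finds.
func Lookup(objs []Object, ski string) (string, bool) {
	for _, o := range objs {
		if o.ID == ski {
			return o.Label, true
		}
	}
	return "", false
}

func main() {
	// Label, ID and EC_POINT copied from the peer.org1 entry in the listing above.
	o := Object{"peer.org1", "706565722e66696e6578757367726f75702e636f6d0a",
		"0441047bfd15d2a4e46e74a77d4000c48235f2a9781842b3716b3c5cf26a0519766e75e49c0aac9c5939e0d54f8070acb2a82f232a5627abc4e9d2e00fc9adc1f6c66d"}
	ski, err := FabricSKI(o.ECPoint)
	if err != nil {
		panic(err)
	}
	_, found := Lookup([]Object{o}, ski)
	fmt.Printf("%s: CKA_ID=%s\n  SKI=%s\n  found by SKI: %v\n", o.Label, o.ID, ski, found)
}
```

An object whose ID was set from a label string can never match a 32-byte SKI, so comparing the computed value against each `ID:` line shows which keys the peer is able to locate.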

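You are right, the prebuilt Fabric binaries do not have pkcs11 enabled. You need to build the peer and orderer binaries from source, specifying the pkcs11 tag, to create a version that supports PKCS11.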