用户密钥生成过程中用户私钥存放在fabric-ca的什么地方
Where does user private key is stored in fabric-ca in user key generation process
我正在使用 fabric ca-client 来注册和注册“用户”以与链码交互。使用组织 CA 管理员注册用户,如下所示:
export FABRIC_CA_CLIENT_TLS_CERTFILES=/tmp/hyperledger/org1/ca/crypto/ca-cert.pem
export FABRIC_CA_CLIENT_HOME=/tmp/hyperledger/org1/ca/admin
export FABRIC_CA_CLIENT_MSPDIR=msp
fabric-ca-client register -d --id.name userk2 --id.secret userk2PW --id.type user -u https://0.0.0.0:7054
并注册了没有 org-ca 管理员的用户
fabric-ca-client enroll -u "https://userk2:userk2PW@0.0.0.0:7054" --tls.certfiles /tmp/hyperledger/org1/admin/msp/cacerts/0-0-0-0-7054.pem
现在 CA 服务器应该向需要与链码交互的用户(这里是 userk2)提供用户证书。
我收到来自 CA 服务器的响应:
2021/10/13 12:13:50 [INFO] TLS Enabled
2021/10/13 12:13:50 [INFO] generating key: &{A:ecdsa S:256}
2021/10/13 12:13:50 [INFO] encoded CSR
2021/10/13 12:13:51 [INFO] Stored client certificate at /root/.fabric-ca-client/msp/signcerts/cert.pem
2021/10/13 12:13:51 [INFO] Stored root CA certificate at /root/.fabric-ca-client/msp/cacerts/0-0-0-0-7054.pem
2021/10/13 12:13:51 [INFO] Stored Issuer public key at /root/.fabric-ca-client/msp/IssuerPublicKey
2021/10/13 12:13:51 [INFO] Stored Issuer revocation public key at /root/.fabric-ca-client/msp/IssuerRevocationPublicKey
与链代码交互的用户 private/public 密钥和信任根是什么?
谢谢!
用户私钥保存在客户端,而不是Fabric-CA。客户端从不共享其私钥(正如预期的那样)。客户端生成密钥对,向 CA 提交 CSR 并接收签名证书。客户端保存收到的证书(CA 也保存一份副本)。
根据您的日志,您的客户端证书位于:
/root/.fabric-ca-client/msp/signcerts/cert.pem.
并且您的私钥必须在:
/root/.fabric-ca-client/msp/keystore/.
我正在使用 fabric ca-client 来注册和注册“用户”以与链码交互。使用组织 CA 管理员注册用户,如下所示:
export FABRIC_CA_CLIENT_TLS_CERTFILES=/tmp/hyperledger/org1/ca/crypto/ca-cert.pem
export FABRIC_CA_CLIENT_HOME=/tmp/hyperledger/org1/ca/admin
export FABRIC_CA_CLIENT_MSPDIR=msp
fabric-ca-client register -d --id.name userk2 --id.secret userk2PW --id.type user -u https://0.0.0.0:7054
并注册了没有 org-ca 管理员的用户
fabric-ca-client enroll -u "https://userk2:userk2PW@0.0.0.0:7054" --tls.certfiles /tmp/hyperledger/org1/admin/msp/cacerts/0-0-0-0-7054.pem
现在 CA 服务器应该向需要与链码交互的用户(这里是 userk2)提供用户证书。
我收到来自 CA 服务器的响应:
2021/10/13 12:13:50 [INFO] TLS Enabled
2021/10/13 12:13:50 [INFO] generating key: &{A:ecdsa S:256}
2021/10/13 12:13:50 [INFO] encoded CSR
2021/10/13 12:13:51 [INFO] Stored client certificate at /root/.fabric-ca-client/msp/signcerts/cert.pem
2021/10/13 12:13:51 [INFO] Stored root CA certificate at /root/.fabric-ca-client/msp/cacerts/0-0-0-0-7054.pem
2021/10/13 12:13:51 [INFO] Stored Issuer public key at /root/.fabric-ca-client/msp/IssuerPublicKey
2021/10/13 12:13:51 [INFO] Stored Issuer revocation public key at /root/.fabric-ca-client/msp/IssuerRevocationPublicKey
与链代码交互的用户 private/public 密钥和信任根是什么? 谢谢!
用户私钥保存在客户端,而不是Fabric-CA。客户端从不共享其私钥(正如预期的那样)。客户端生成密钥对,向 CA 提交 CSR 并接收签名证书。客户端保存收到的证书(CA 也保存一份副本)。
根据您的日志,您的客户端证书位于:
/root/.fabric-ca-client/msp/signcerts/cert.pem.
并且您的私钥必须在:
/root/.fabric-ca-client/msp/keystore/.