Hyperledger Fabric "fabric-ca-client" 错误代码:71 - 授权失败

Hyperledger Fabric "fabric-ca-client" Error Code: 71 - Authorization failure

我正在尝试使用 fabric-ca-client 列出 ca 服务器的身份,如下所示

fabric-ca-client identity list --id nameofidentityfromfabric-ca-server-config.yaml -u https://username:password@localhost:8054 --tls.certfiles <path to /tls/ca.crt> --mspdir <path to /peer0.org2.example.com/msp>

但是 ca 服务器响应如下错误

Error: Response from server: Error Code: 71 - Authorization failure

下面是fabric-ca-server-config.yaml

中的代码
identities:
 - name: username
   pass: password
   type: client
   affiliation: ""
   attrs:
      hf.Registrar.Roles: "*"
      hf.Registrar.DelegateRoles: "*"
      hf.Revoker: true
      hf.IntermediateCA: true
      hf.GenCRL: true
      hf.Registrar.Attributes: "*"
      hf.AffiliationMgr: true

fabric-ca 不使用密码身份验证(这是您尝试做的),它使用通过其证书和私钥从注册身份创建的令牌身份验证。您需要先注册您的 bootstrap 身份,在上面的示例中看起来是 username,然后使用该注册身份执行 fabric-ca 注册任务。

文档中的这一部分提供了一些有关注册的更多详细信息https://hyperledger-fabric-ca.readthedocs.io/en/release-1.4/users-guide.html#enrolling-the-bootstrap-identity,然后继续展示在您注册了 bootstrap 身份后执行其他任务的示例

问题是我还没有注册 bootstrap 身份。 下面的代码就是这样做的

const enrollment = await ca.enroll({ enrollmentID: 'adminusername', enrollmentSecret: 'adminpassword' });
        const x509Identity = {
        credentials: {
            certificate: enrollment.certificate,
            privateKey: enrollment.key.toBytes(),
          },
        mspId: 'Org2MSP',
        type: 'X.509',
        };
        await wallet.put('admin', x509Identity);

注册 bootstrap 身份后,使用以下代码为该身份创建用户对象

const walletPath = path.join(process.cwd(), 'wallet');
const wallet = await Wallets.newFileSystemWallet(walletPath);
const provider = wallet.getProviderRegistry().getProvider(adminIdentity.type);
const adminUser = await provider.getUserContext(adminIdentity, 'admin');

现在如下调用 FabricCAServices class 的 newIdentityService() 来获取身份列表。

const FabricCAServices = require('fabric-ca-client');
let connectionProfile = yaml.safeLoad(fs.readFileSync('../gateway/connection-org2.yaml', 'utf8'));
// Create a new CA client for interacting with the CA.
const caInfo = connectionProfile.certificateAuthorities['ca.org2.example.com'];
const caTLSCACerts = caInfo.tlsCACerts.pem;
const ca = new FabricCAServices(caInfo.url, { trustedRoots: caTLSCACerts, verify: false }, caInfo.caName);
let identityService = ca.newIdentityService();
let registeredidentities = await identityService.getAll(adminUser);
console.dir(registeredidentities, { depth: null })