#fabric #fabric-questions Peer update certs - gossip error: Failed validating identity message: Peer Identity cannot be validated. No MSP found able to do that. #fabric #fabric-questions


Mattia Bolzonella
 

Hi all. I'm working on a Fabric network (2.2.2) on docker swarm. Yesterday I updated the certificates of my organizations and everything was good except for a peer. The organization (Org2) which the peer is in, has another peer and a orderer. Those two comonents has no problem at all. 
But when I restarted the peer (peer1) the logs looked like this:
[34m2021-05-27 14:15:23.979 UTC [comm.grpc.server] 1 -> INFO 046 unary call completed grpc.service=gossip.Gossip grpc.method=Ping grpc.request_deadline=2021-05-27T14:15:25.979Z grpc.peer_address=172.16.1.92:43502 grpc.code=OK grpc.call_duration=87.88µs
2021-05-27 14:15:23.980 UTC [gossip.comm] authenticateRemotePeer -> WARN 047 xxx.xxx.xxx.xxx:43502 didn't send TLS certificate
2021-05-27 14:15:23.980 UTC [gossip.comm] GossipStream -> ERRO 048 Authentication failed: No TLS certificate
2021-05-27 14:15:23.980 UTC [comm.grpc.server] 1 -> INFO 049 streaming call completed grpc.service=gossip.Gossip grpc.method=GossipStream grpc.peer_address=xxx.xxx.xxx.xxx:43502 error="No TLS certificate" grpc.code=Unknown grpc.call_duration=175.077µs
2021-05-27 14:15:24.091 UTC [peer.gossip.mcs] Verify -> ERRO 04a Failed getting validated identity from peer identity [Peer Identity {"CN":"peer0.org1.ifin.it","Issuer-CN":"ca.org1.ifin.it","Issuer-L-ST-C":"[]-[]-[US]","Issuer-OU":["Fabric"],"L-ST-C":"[]-[]-[IT]","MSP":"Org1MSP","OU":["peer"]} cannot be validated. No MSP found able to do that.]
2021-05-27 14:15:24.091 UTC [gossip.gossip] handleMessage -> WARN 04b Failed validating identity message: Peer Identity {"CN":"peer0.org1.ifin.it","Issuer-CN":"ca.org1.ifin.it","Issuer-L-ST-C":"[]-[]-[US]","Issuer-OU":["Fabric"],"L-ST-C":"[]-[]-[IT]","MSP":"Org1MSP","OU":["peer"]} cannot be validated. No MSP found able to do that.
Failed verifying message
github.com/hyperledger/fabric/gossip/gossip.(*certStore).validateIdentityMsg
/go/src/github.com/hyperledger/fabric/gossip/gossip/certstore.go:105
github.com/hyperledger/fabric/gossip/gossip.(*certStore).handleMessage
/go/src/github.com/hyperledger/fabric/gossip/gossip/certstore.go:77
github.com/hyperledger/fabric/gossip/gossip.(*Node).handleMessage
/go/src/github.com/hyperledger/fabric/gossip/gossip/gossip_impl.go:398
github.com/hyperledger/fabric/gossip/gossip.(*Node).acceptMessages
/go/src/github.com/hyperledger/fabric/gossip/gossip/gossip_impl.go:325
runtime.goexit
/usr/local/go/src/runtime/asm_amd64.s:1373
github.com/hyperledger/fabric/gossip/gossip.(*certStore).handleMessage
/go/src/github.com/hyperledger/fabric/gossip/gossip/certstore.go:78
github.com/hyperledger/fabric/gossip/gossip.(*Node).handleMessage
/go/src/github.com/hyperledger/fabric/gossip/gossip/gossip_impl.go:398
github.com/hyperledger/fabric/gossip/gossip.(*Node).acceptMessages
/go/src/github.com/hyperledger/fabric/gossip/gossip/gossip_impl.go:325
runtime.goexit
/usr/local/go/src/runtime/asm_amd64.s:1373


The log is about the other peer (peer0) in the Organization (it's the bootstrap peer of peer1)  but in a short time I can see that the same error appears for the node itself (so for peer0).
I get that there is a problem with the msp but, the directory structure for the problematic peer is the same as the other peers in the network (not only peers folder but the entire crypto-config).
And also the same crypto config is used by peer0 which has no problem whatsoever. 
I tried to erase the volumes of the peer to see if the problem is linked to the channel in which the peer is in, but after deleting I see the same log and the peer is not in a channel. 

Does anyone have a clue about this?


Join fabric@lists.hyperledger.org to automatically receive all group messages.