Using BAF, I had a hyperledger fabric network v2.2.0 which has 11 orgs, 5 orderers and 5 channels. Org1 is a part of all the channels. Other than that each channel has 2 individual orgs. So totally 3 orgs are part of each channel. Before all the certs got expired, I renewed all the certs ( orderer msp, tls and peer msp, tls certs) using dcm tool. And updated all the renewed orderer tls certs (for 5 orderers in 5 application channels and system channel) in all the channel config. After successful update, I updated all the renewed certs in the vault. Finally restarted all the services. Now it is working fine, I am able to perform invoke and query function.
Now the problem is, when I try to add a new org in the existing channel, I got the following error,
"Error: got unexpected status: BAD_REQUEST -- error applying config update to existing channel 'testchannel': error authorizing update: error validating DeltaSet: policy for [Group] /Channel/Application not satisfied: implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 2 of the 'Admins' sub-policies to be satisfied"
Then I checked the channel config file, in that peer's admin certs has old cert. Is this the cause for my error?
If so, can anyone suggest how to update peer certs in the channel config? Because my vault and peer node has updated certificate except channel config.