Doubt and error in enrolling a peer and starting its container #docker-compose #docker #fabric-ca


Hi all, I am creating a network with CA roots and CA intermediates using fabric CA and docker compose. So far I have been able to correctly create the roots, intermediates, perform registration and enrollment of orderers and start their containers. I have problems with the peers.
I am not using localhost or as docker gives problems if you try to create intermediates that way. I then created hosts within the docker network.

I describe the steps taken as concisely as possible:

Enroll TLS CA admin
docker exec -it tls-ca fabric-ca-client enroll -d -u https://tls-ca-admin:tls-ca-adminpw@tls-ca:7051 --tls.certfiles /tmp/hyperledger/fabric-ca/crypto/ca-cert.pem --home /tmp/hyperledger/fabric-ca/admin/
Register peer
docker exec -it tls-ca fabric-ca-client register -d peer1-ica1-rca-org0 --id.secret peer1-ica1-rca-org0PW --id.type peer -u https://tls-ca:7051 --tls.certfiles /tmp/hyperledger/fabric-ca/crypto/ca-cert.pem --home /tmp/hyperledger/fabric-ca/admin/
Enroll ica1-rca-org0 admin
docker exec -it ica1-rca-org0 fabric-ca-client enroll -d -u https://ica1-rca-org0-admin:ica1-rca-org0-adminpw@ica1-rca-org0:7058 --tls.certfiles /tmp/hyperledger/fabric-ca/crypto/ca-cert.pem --home /tmp/hyperledger/fabric-ca/admin --home /tmp/hyperledger/fabric-ca/admin/
Register admin and peer
docker exec -it ica1-rca-org0 fabric-ca-client register -d admin-ica1-rca-org0 --id.secret admin-ica1-rca-org0pw --id.type admin --id.attrs "hf.Registrar.Roles=client,hf.Registrar.Attributes=*,hf.Revoker=true,hf.GenCRL=true,admin=true:ecert,abac.init=true:ecert" -u https://ica1-rca-org0:7058 --tls.certfiles /tmp/hyperledger/fabric-ca/crypto/ca-cert.pem --home /tmp/hyperledger/fabric-ca/admin/
docker exec -it ica1-rca-org0 fabric-ca-client register -d peer1-ica1-rca-org0 --id.secret peer1-ica1-rca-org0pw --id.type peer -u https://ica1-rca-org0:7058 --tls.certfiles /tmp/hyperledger/fabric-ca/crypto/ca-cert.pem --home /tmp/hyperledger/fabric-ca/admin/
Enroll peer for identity
docker exec -it ica1-rca-org0 fabric-ca-client enroll -d -u https://peer1-ica1-rca-org0:peer1-ica1-rca-org0pw@ica1-rca-org0:7058 --tls.certfiles /tmp/hyperledger/fabric-ca/crypto/ca-cert.pem --home /tmp/hyperledger/fabric-ca-enrollment/peer1 --mspdir msp

Here i have my first doubt. When i enrolled orderers i used the certificates located in the cacerts folders (rca-org0-7052.pem for the orderer on the rca-org0 for istance) and i was sure i need to use the same strategy for the peer. If i try to follow this way, it result in a "unknown owner" error. So i change the certificate and it work but i'm not very sure about the reason.

However, after enrolling the peer for identity and TLS and the admin, i try to start the peer container.
In my docker compose file i have this line:
 - CORE_PEER_MSPCONFIGPATH=/tmp/hyperledger/ica1-rca-org0/peer1/msp
But i have the following error:
Cannot run peer because cannot init crypto, specified path "/tmp/hyperledger/ica1-rca-org0/peer1/msp" does not exist or cannot be accessed: stat /tmp/hyperledger/ica1-rca-org0/peer1/msp: no such file or directory
The folder exists and it has not restriction but the docker compose can't read the content.

Would anyone be able to suggest why?


Join to automatically receive all group messages.