Re: how to obtain an org's root CA certificate in application chaincode?

qs meng <qsmeng@...>

   Before I submit my problem on Jira, I found two proposals, FAB12366 and FAB11602, both about enabling a chaincode to verifiy identities based on a channel's MSP, where the identities are not administered by fabric now. 
   They were proposed in October, 2018 and August, 2018 respectively. But the tasks are still not assigned to anyone.
   would you please give some suggestions  to solve them?
   Thank you.

At 2019-05-06 12:07:29, "meng" <qsmeng@...> wrote:
    suppose one application certificate is issued by one fabric org's ca and the certificate needs being verified in  an application chaincode. 
    One way is to get the org's root ca certificate. But I do not know how to obtain the root certificate.
     Another way:  similar to forming a proposal, the application certificate is passed in chaincde as a creator,  and  use identity.Validate() to validate.  To do that, the chaincode including the following code:
      channelID := stub.GetChannelID()
     creatorByte, _ := stub.GetCreator()
     mspObj := mspmgmt.GetIdentityDeserializer(channelID)
     creator, err := mspObj.DeserializeIdentity(creatorByte)
     err = creator.Validate()
    return shim.Error("[error] return:" + err.Error())
after the successful import mgmt package and instantiation, the chaincode runs timeout.
  How to solve this problem? Thank you.
  Best regards,
qs meng


Join { to automatically receive all group messages.