Re: Generate TLS certificates using CA and not cryptogen #fabric #fabric-ca #fabricca

Jean-Gaël Dominé <jgdomine@...>


Thank you for your answer.

I've tried to set up the same configuration but to no avail.
I attached my CA configuration files so that you can have a look to check if I did something wrong that is obvious.

I also have a question, how can I generate the following artifacts that I have to give to the CA at startup:
# Enable TLS (default: false)
enabled: true
# TLS for the server's listening port
certfile: /etc/hyperledger/tls/ca-org1-miles-com-cert.pem
keyfile: /etc/hyperledger/tls/org1-miles-com-ca-keystore

Because before, I was using the artifacts provided by cryptogen and now I do not know how to generate them.

As for the enrollment command, is this correct?
fabric-ca-client enroll --enrollment.profile tls -m orderer-miles-com -u https://ord:OrdPW@$CA_URL -M ./crypto-config/ordererOrganizations/miles-com/orderer-miles-com/tls --tls.certfiles /etc/hyperledger/tls/ca-miles-com-cert.pem

Thank you again for your help

Join to automatically receive all group messages.