Error while registering peer and client certs using LDAP server #fabric-ca #fabric-chaincode #raft


trinayanbhatt1@...
 

I am trying to setup fabric network using external-ca and so I have to register and enroll certs for all the peers and clients and for registration of certificates LDAP server is being used.

After generating everything and starting the network there is some issue with chaincode instantiation as although the chaincode container gets up but still while listing for the chaincode on the peers the result set is empty. After checking for the peer and orderer logs:

peer logs :

warning: isn't eligible for channel testchannel : implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Readers' sub-policies to be satisfied

error:  [blocksProvider] DeliverBlocks -> ERRO 4488e [testchannel] Got error &{FORBIDDEN}
           [blocksProvider] DeliverBlocks -> ERRO 4488f [testchannel] Wrong statuses threshold passed, stopping block provider

orderer logs:

[common.deliver] deliverBlocks -> WARN 263d [channel: testchannel] Client authorization revoked for deliver request from xx.xx.xx.xx:38880: implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Readers' sub-policies to be satisfied: permission denied

What I interpret from this is that the admin certificates and the peer certificates have some issue as they are being registered using LDAP where there is no option to define id-type for the identity.

Can anyone help to resolve this issue?

Join fabric@lists.hyperledger.org to automatically receive all group messages.