Re: User & Endorsement issues


Jason Yellick <jyellick@...>
 

Does your MSP configuration enable NodeOUs?  See https://hyperledger-fabric.readthedocs.io/en/latest/msp.html#identity-classification for more details.

If your MSP definition does not enable node OUs, then the '.client' and '.peer' roles can never be satisfied, as the types cannot be distinguished and you must instead compose policies using the '.member' role.

Thanks,
~Jason
 

----- Original message -----
From: "Antoni Massó Mola" <antonimassomola@...>
Sent by: fabric@...
To: fabric@...
Cc:
Subject: [EXTERNAL] [Hyperledger Fabric] User & Endorsement issues
Date: Sat, Jun 13, 2020 2:17 PM
 
Hello,

I'm having a hard time making the user type registered work with the org policies.

I register & enroll an admin user used by the peers at org1.
 
- &org1
    Name: org1
    ID: org1
    MSPDir: crypto-config/peerOrganizations/org1/msp
    Policies:
      Readers:
        Type: Signature
        Rule: "OR('org1.admin', 'org1.peer', 'org1.client')"

I get the following error from the peer0 log:

2020-06-13 18:11:12.290 UTC [gossip.channel] func5 -> WARN 022 Peer {"CN":"org1-peer1.default.svc.cluster.local","Issuer-CN":"fabric-ca-server","Issuer-L-ST-C":"[]-[]-[US]","Issuer-OU":["Fabric"],"L-ST-C":"[]-[]-[US]","MSP":"org1","OU":["admin","org1"]} isn't eligible for channel mainchannel : implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Readers' sub-policies to be satisfied

Peer1 from org1 seems to have issues with the policy set.

If I add org1.member to the Readers policy rule & recreate the HF network it works well.

Why does it fail if I don't specify the user type to member?

Thanks
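
An added example, not part of either message above and not taken from the project's files: an MSP config.yaml that enables the NodeOUs classification the reply refers to. The MSP directory comes from the configtx.yaml excerpt in the original message; the CA certificate file name is a placeholder, and the OU strings are assumed to be the ones the CA puts into enrollment certificates.

```yaml
# Constructed example: crypto-config/peerOrganizations/org1/msp/config.yaml
# "cacerts/ca-cert.pem" is a placeholder; use the CA certificate file that
# actually exists under this MSP's cacerts/ directory.
NodeOUs:
  Enable: true
  ClientOUIdentifier:
    Certificate: cacerts/ca-cert.pem
    OrganizationalUnitIdentifier: client
  PeerOUIdentifier:
    Certificate: cacerts/ca-cert.pem
    OrganizationalUnitIdentifier: peer
  AdminOUIdentifier:
    Certificate: cacerts/ca-cert.pem
    OrganizationalUnitIdentifier: admin
  OrdererOUIdentifier:
    Certificate: cacerts/ca-cert.pem
    OrganizationalUnitIdentifier: orderer

# With NodeOUs enabled, the roles in the Readers rule can be told apart:
#   Rule: "OR('org1.admin', 'org1.peer', 'org1.client')"
# Without a NodeOUs section, 'org1.peer' and 'org1.client' never match, and
# the rule has to be composed with 'org1.member' instead.
#
# The certificate in the peer log above carries OU "admin", so under this
# classification it is matched by 'org1.admin', not by 'org1.peer'. A peer
# that should satisfy 'org1.peer' needs a certificate whose OU is "peer".
```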
 
