Re: Adding a new organisation to the system channel fails after FAB-17733 #fabric-orderer #raft #fabric
I don't see why you don't want to specify the intermediate certificate, but - your workaround looks fine to me assuming it works.
To do what you want (just specify the root cert and not the intermediate) would require the TLS server handshake to send the full validation chain which happens only if we specify the validation chain itself in the TLS config,
which we do not do: https://github.com/hyperledger/fabric/blob/master/internal/pkg/comm/server.go#L70-L95
therefore I find it hard to believe that the workaround you mention indeed works (unless I am misinterpreting your workaround - i assume you mean you do it in the server side and not in the client side)
From: "christoph.buttler via lists.hyperledger.org" <christoph.buttler=ruhr-uni-bochum.de@...>
Date: 06/16/2020 04:05 PM
Subject: [EXTERNAL] Re: [Hyperledger Fabric] Adding a new organisation to the system channel fails after FAB-17733 #fabric #fabric-orderer #raft
Sent by: fabric@...
thanks for your quick reply. As suggested, I have opened
a new JIRA (https://jira.hyperledger.org/browse/FAB-17998).