Confusions in Fabric-CA operational guide

Abhijeet Bhowmik <abhijeet@...>


Studying Fabric-CA operational guide, there are two certificates mainly present in the ca's crypto folder, ca-cert.pem and tls-cert.pem. There is no mention of what tls-cert.pem is supposed to be. While running fabric-ca-client register commands targeting TLS CA server , we used TLS CA's ca-cert.pem and while registering peer and admin to Org's CA server, Org CA's ca-cert.pem is used. I have developed a notion that we tell fabric-ca-client to trust only a CA server whose signature while TLSing matches the criteria as per ca-cert.pem. Am I right in thinking this? And also what certificate should I use as trustedRoots while making a connection with FabricCA via Fabric CA client SDK. Please excuse if my questions are naive. I am still a novice.

Thanks a lot
Abhijeet Bhowmik

Join to automatically receive all group messages.