Hi Team,
We are trying to configure pkcs11 HSM key with fabric-ca client but getting following error.
"Error: Failed to get BCCSP with opts: Could not find BCCSP, no 'pkcs11' provider"
We have executed following steps:
1. We have cloned fabric-ca 1.4.7 git repo
2. from /opts/fabric-ca directory run below commands
make clean
make docker GO_TAGS=pkcs11
3 Used first network and did following environment changes in docker-compose-ca.yaml file and restart ca container
ca0:
image: hyperledger/fabric-ca:amd64-1.4.7
environment:
- FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
- FABRIC_CA_SERVER_CA_NAME=ca-org1
- FABRIC_CA_SERVER_TLS_ENABLED=true
- FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.org1.example.com-cert.pem
#- FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/${BYFN_CA1_PRIVATE_KEY}
- FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/07777242bfa0a52d88d8ed5887d92c774e54886bcb8b41ce1a17ff42095c8363_sk
- FABRIC_CA_SERVER_PORT=7054
- FABRIC_CA_SERVER_BCCSP_LIBRARY=/etc/hyperledger/libsofthsm2.so
- FABRIC_CA_SERVER_BCCSP_PIN=12345
- FABRIC_CA_SERVER_BCCSP_LABEL=fabric
- FABRIC_CA_SERVER_BCCSP_KEYSTORE=msp/keystore
- FABRIC_CA_SERVER_BCCSP_DEFAULT=pkcs11
- SOFT_HSM_2_CONF=/etc/hyperledger/config.file
- FABRIC_LOGGING_SPEC=DEBUG
ports:
- "7054:7054"
command: sh -c 'fabric-ca-server start --ca.certfile /etc/hyperledger/fabric-ca-server-config/ca.org1.example.com-cert.pem --ca.keyfile /etc/hyperledger/fabric-ca-server-config/${BYFN_CA1_PRIVATE_KEY} -b admin:adminpw -d'
volumes:
- ./crypto-config/peerOrganizations/org1.example.com/ca/:/etc/hyperledger/fabric-ca-server-config
- /usr/local/lib/softhsm/libsofthsm2.so:/etc/hyperledger/libsofthsm2.so
- /home/ubuntu/config.file:/etc/hyperledger/config.file
container_name: ca_peerOrg1
networks:
byfn:
aliases:
- ca.org1.example.com
Kindly suggest.