1. fabric@lists.hyperledger.org
  2. Messages
   Date   
Error during ccp-template.json & ccp-template.yaml file generation -Reg.

Sasikumar R
 

Hi,
     I want to generate both "ccp-template.json & ccp-template.yaml" files using the script file "ccp-generate.sh". My script file contains the following code.

#!/bin/bash

function one_line_pem() {
echo "$(awk 'NF {sub(/\\n/, ""); printf "%s\\\\\\\n",$0;}' $1)"
}
function json_ccp() {
local PP=$(one_line_pem $4)
local CP=$(one_line_pem $5)
sed -e "s/\${ORG}/$1/" \
-e "s/\${P0PORT}/$2/" \
-e "s/\${CAPORT}/$3/" \
-e "s#\${PEERPEM}#$PP#" \
-e "s#\${CAPEM}#$CP#" \
consortium/ccp-template.json
}
function yaml_ccp() {
local PP=$(one_line_pem $4)
local CP=$(one_line_pem $5)
sed -e "s/\${ORG}/$1/" \
-e "s/\${P0PORT}/$2/" \
-e "s/\${CAPORT}/$3/" \
-e "s#\${PEERPEM}#$PP#" \
-e "s#\${CAPEM}#$CP#" \
consortium/ccp-template.yaml | sed -e $'s/\\\\n/\\\n /g'
}

ORG="hospital"
P0PORT=7051
CAPORT=1010
PEERPEM=consortium/crypto-config/peerOrganizations/hospital/tlsca/tlsca.hospital-cert.pem
CAPEM=consortium/crypto-config/peerOrganizations/hospital/ca/ca.hospital-cert.pem

echo "$(json_ccp $ORG $P0PORT $CAPORT $PEERPEM $CAPEM)" >consortium/crypto-config/peerOrganizations/hospital/connection-hospital.json
echo "$(yaml_ccp $ORG $P0PORT $CAPORT $PEERPEM $CAPEM)" >consortium/crypto-config/peerOrganizations/hospital/connection-hospital.yaml

But when trying to execute this script file it shows the following
error.

Screenshot from 2021-10-21 20-41-47.png

Kindly help to rectify this issue.
Re: MSP is not defined on channel #channel - Error #channel

David F. D. Reis
 

Hi. This might be an error with peer environment variables (error="MSP Org3 is not defined on channel).

May you share with us your configtx and docker-compose files that you are using? 

  1. docker-compose-org3.yaml;
  2. configtx.yaml;
  3. docker-compose-test-net.yaml;
  4. Last config block json;
  5. Version of the fabric and fabric-samples;
  6. CORE_PEER_LOCALMSPID env value.



Best regards.

David



Em qui., 21 de out. de 2021 às 00:48, Kavin Arumugam <a.kavin24@...> escreveu:

Hi DeepakGera and Sandeep,

If the issue is still not resolved for you, please share the steps to recreate the issue.

So, that community can debug, what may be the issue?



Thanks & Regards
Kavin Arumugam
Mobile: +91 7373 36 86 36
LinkedIn: @karthikkavina


On Wed, Oct 20, 2021 at 10:09 PM DeepakGera <deepakgera1@...> wrote:
Thanks for reply. Yes we are using default policies. Also we looked at config block and crypto. Latest config has the new Org3 with correct certificates 

-Deepak

On Wed, 20 Oct 2021 at 10:02 PM, David Faulstich <davidfdr@...> wrote:
You may try to get the last config block and look for the Org3 crypto material and check the json. Are you using the test-network provided in fabric samples with default policies?





Em qua., 20 de out. de 2021 às 08:26, DeepakGera <deepakgera1@...> escreveu:
Hello Folks

Any help/ guidance is appreciated.
We have added a new org to the consortium and then joined the existing channel. Joining the channel is successful but we are unable to run “getinfo” or see already committed chaincodes on the channel.

Weird thing is when we do peer channel list we can see the Org, we can also it in channel-config.json but still in logs we see the error “MSP xxxx is not defined on channel “

Please advise. Please refer to below email trail for error logs 

Thanks 
Deepak 


On Wed, 20 Oct 2021 at 12:59 PM, sandeep gupta <javrevasandeep@...> wrote:
we have added a new org to our consortium. Successfully able to join the channels from new Org peers. Now trying to getinfo command on new Org peer and getting the below error

Command used - peer channel getinfo -c test-channel

Error: received bad response, status 500: access denied for [GetChainInfo][test-channel]: [Failed evaluating policy on signed data during check policy on channel [test-channel] with policy [/Channel/Application/Readers]: [implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Readers' sub-policies to be satisfied]]

Peer Logs - 2021-10-20 07:18:45.057 UTC [policies] SignatureSetToValidIdentities -> WARN d1a93c invalid identity: certificate subject=CN=peer1,OU=peer,O=Hyperledger,ST=North Carolina,C=US serialnumber=41365438365218511579049 error="MSP Org3 is not defined on channel

2021-10-20 07:18:45.037 UTC [gossip.gossip] UpdateLedgerHeight -> WARN d1a8d3 No such channel [112 97 114 116 99 104 97 105 110 45 99 104 97 110 110 101 108]

[33m2021-10-20 07:18:44.067 UTC [gossip.gossip] Gossip -> WARN d1a062 [0m Failed obtaining gossipChannel of [112 97 114 116 99 104 97 105 110 45 99 104 97 110 110 101 108] aborting



--
David Faulstich Diniz Reis



--
David Faulstich Diniz Reis
#hyperledger-fabric #orderer #channel #orderer #channel #hyperledger-fabric

rudi.heydra@...
 

Hi

I'm doing the "Getting started" tutorial - Running a Test Network.

I'm at the point of "Creating a channel" but got stuck with this error... also see the attachment.


osnadmin: error: parsing arguments: reading orderer CA certificate: open /c/Users/rudih/go/src/github.com/rudiheydra/fabric-samples/test-network/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem: The system cannot find the path specified.. Try --help
Channel creation failed

I need some help, please.
Much appreciated.
Re: MSP is not defined on channel #channel - Error #channel

Kavin Arumugam
 

Hi DeepakGera and Sandeep,

If the issue is still not resolved for you, please share the steps to recreate the issue.

So, that community can debug, what may be the issue?



Thanks & Regards
Kavin Arumugam
Mobile: +91 7373 36 86 36
LinkedIn: @karthikkavina


On Wed, Oct 20, 2021 at 10:09 PM DeepakGera <deepakgera1@...> wrote:
Thanks for reply. Yes we are using default policies. Also we looked at config block and crypto. Latest config has the new Org3 with correct certificates 

-Deepak

On Wed, 20 Oct 2021 at 10:02 PM, David Faulstich <davidfdr@...> wrote:
You may try to get the last config block and look for the Org3 crypto material and check the json. Are you using the test-network provided in fabric samples with default policies?





Em qua., 20 de out. de 2021 às 08:26, DeepakGera <deepakgera1@...> escreveu:
Hello Folks

Any help/ guidance is appreciated.
We have added a new org to the consortium and then joined the existing channel. Joining the channel is successful but we are unable to run “getinfo” or see already committed chaincodes on the channel.

Weird thing is when we do peer channel list we can see the Org, we can also it in channel-config.json but still in logs we see the error “MSP xxxx is not defined on channel “

Please advise. Please refer to below email trail for error logs 

Thanks 
Deepak 


On Wed, 20 Oct 2021 at 12:59 PM, sandeep gupta <javrevasandeep@...> wrote:
we have added a new org to our consortium. Successfully able to join the channels from new Org peers. Now trying to getinfo command on new Org peer and getting the below error

Command used - peer channel getinfo -c test-channel

Error: received bad response, status 500: access denied for [GetChainInfo][test-channel]: [Failed evaluating policy on signed data during check policy on channel [test-channel] with policy [/Channel/Application/Readers]: [implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Readers' sub-policies to be satisfied]]

Peer Logs - 2021-10-20 07:18:45.057 UTC [policies] SignatureSetToValidIdentities -> WARN d1a93c invalid identity: certificate subject=CN=peer1,OU=peer,O=Hyperledger,ST=North Carolina,C=US serialnumber=41365438365218511579049 error="MSP Org3 is not defined on channel

2021-10-20 07:18:45.037 UTC [gossip.gossip] UpdateLedgerHeight -> WARN d1a8d3 No such channel [112 97 114 116 99 104 97 105 110 45 99 104 97 110 110 101 108]

[33m2021-10-20 07:18:44.067 UTC [gossip.gossip] Gossip -> WARN d1a062 [0m Failed obtaining gossipChannel of [112 97 114 116 99 104 97 105 110 45 99 104 97 110 110 101 108] aborting



--
David Faulstich Diniz Reis
Re: MSP is not defined on channel #channel - Error #channel

DeepakGera
 

Thanks for reply. Yes we are using default policies. Also we looked at config block and crypto. Latest config has the new Org3 with correct certificates 

-Deepak

On Wed, 20 Oct 2021 at 10:02 PM, David Faulstich <davidfdr@...> wrote:
You may try to get the last config block and look for the Org3 crypto material and check the json. Are you using the test-network provided in fabric samples with default policies?





Em qua., 20 de out. de 2021 às 08:26, DeepakGera <deepakgera1@...> escreveu:
Hello Folks

Any help/ guidance is appreciated.
We have added a new org to the consortium and then joined the existing channel. Joining the channel is successful but we are unable to run “getinfo” or see already committed chaincodes on the channel.

Weird thing is when we do peer channel list we can see the Org, we can also it in channel-config.json but still in logs we see the error “MSP xxxx is not defined on channel “

Please advise. Please refer to below email trail for error logs 

Thanks 
Deepak 


On Wed, 20 Oct 2021 at 12:59 PM, sandeep gupta <javrevasandeep@...> wrote:
we have added a new org to our consortium. Successfully able to join the channels from new Org peers. Now trying to getinfo command on new Org peer and getting the below error

Command used - peer channel getinfo -c test-channel

Error: received bad response, status 500: access denied for [GetChainInfo][test-channel]: [Failed evaluating policy on signed data during check policy on channel [test-channel] with policy [/Channel/Application/Readers]: [implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Readers' sub-policies to be satisfied]]

Peer Logs - 2021-10-20 07:18:45.057 UTC [policies] SignatureSetToValidIdentities -> WARN d1a93c invalid identity: certificate subject=CN=peer1,OU=peer,O=Hyperledger,ST=North Carolina,C=US serialnumber=41365438365218511579049 error="MSP Org3 is not defined on channel

2021-10-20 07:18:45.037 UTC [gossip.gossip] UpdateLedgerHeight -> WARN d1a8d3 No such channel [112 97 114 116 99 104 97 105 110 45 99 104 97 110 110 101 108]

[33m2021-10-20 07:18:44.067 UTC [gossip.gossip] Gossip -> WARN d1a062 [0m Failed obtaining gossipChannel of [112 97 114 116 99 104 97 105 110 45 99 104 97 110 110 101 108] aborting



--
David Faulstich Diniz Reis
Re: MSP is not defined on channel #channel - Error #channel

David F. D. Reis
 

You may try to get the last config block and look for the Org3 crypto material and check the json. Are you using the test-network provided in fabric samples with default policies?





Em qua., 20 de out. de 2021 às 08:26, DeepakGera <deepakgera1@...> escreveu:

Hello Folks

Any help/ guidance is appreciated.
We have added a new org to the consortium and then joined the existing channel. Joining the channel is successful but we are unable to run “getinfo” or see already committed chaincodes on the channel.

Weird thing is when we do peer channel list we can see the Org, we can also it in channel-config.json but still in logs we see the error “MSP xxxx is not defined on channel “

Please advise. Please refer to below email trail for error logs 

Thanks 
Deepak 


On Wed, 20 Oct 2021 at 12:59 PM, sandeep gupta <javrevasandeep@...> wrote:
we have added a new org to our consortium. Successfully able to join the channels from new Org peers. Now trying to getinfo command on new Org peer and getting the below error

Command used - peer channel getinfo -c test-channel

Error: received bad response, status 500: access denied for [GetChainInfo][test-channel]: [Failed evaluating policy on signed data during check policy on channel [test-channel] with policy [/Channel/Application/Readers]: [implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Readers' sub-policies to be satisfied]]

Peer Logs - 2021-10-20 07:18:45.057 UTC [policies] SignatureSetToValidIdentities -> WARN d1a93c invalid identity: certificate subject=CN=peer1,OU=peer,O=Hyperledger,ST=North Carolina,C=US serialnumber=41365438365218511579049 error="MSP Org3 is not defined on channel

2021-10-20 07:18:45.037 UTC [gossip.gossip] UpdateLedgerHeight -> WARN d1a8d3 No such channel [112 97 114 116 99 104 97 105 110 45 99 104 97 110 110 101 108]

[33m2021-10-20 07:18:44.067 UTC [gossip.gossip] Gossip -> WARN d1a062 [0m Failed obtaining gossipChannel of [112 97 114 116 99 104 97 105 110 45 99 104 97 110 110 101 108] aborting



--
David Faulstich Diniz Reis
Re: MSP is not defined on channel #channel - Error #channel

DeepakGera
 

Hello Folks

Any help/ guidance is appreciated.
We have added a new org to the consortium and then joined the existing channel. Joining the channel is successful but we are unable to run “getinfo” or see already committed chaincodes on the channel.

Weird thing is when we do peer channel list we can see the Org, we can also it in channel-config.json but still in logs we see the error “MSP xxxx is not defined on channel “

Please advise. Please refer to below email trail for error logs 

Thanks 
Deepak 


On Wed, 20 Oct 2021 at 12:59 PM, sandeep gupta <javrevasandeep@...> wrote:
we have added a new org to our consortium. Successfully able to join the channels from new Org peers. Now trying to getinfo command on new Org peer and getting the below error

Command used - peer channel getinfo -c test-channel

Error: received bad response, status 500: access denied for [GetChainInfo][test-channel]: [Failed evaluating policy on signed data during check policy on channel [test-channel] with policy [/Channel/Application/Readers]: [implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Readers' sub-policies to be satisfied]]

Peer Logs - 2021-10-20 07:18:45.057 UTC [policies] SignatureSetToValidIdentities -> WARN d1a93c invalid identity: certificate subject=CN=peer1,OU=peer,O=Hyperledger,ST=North Carolina,C=US serialnumber=41365438365218511579049 error="MSP Org3 is not defined on channel

2021-10-20 07:18:45.037 UTC [gossip.gossip] UpdateLedgerHeight -> WARN d1a8d3 No such channel [112 97 114 116 99 104 97 105 110 45 99 104 97 110 110 101 108]

[33m2021-10-20 07:18:44.067 UTC [gossip.gossip] Gossip -> WARN d1a062 [0m Failed obtaining gossipChannel of [112 97 114 116 99 104 97 105 110 45 99 104 97 110 110 101 108] aborting
MSP is not defined on channel #channel - Error #channel

sandeep gupta
 

we have added a new org to our consortium. Successfully able to join the channels from new Org peers. Now trying to getinfo command on new Org peer and getting the below error

Command used - peer channel getinfo -c test-channel

Error: received bad response, status 500: access denied for [GetChainInfo][test-channel]: [Failed evaluating policy on signed data during check policy on channel [test-channel] with policy [/Channel/Application/Readers]: [implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Readers' sub-policies to be satisfied]]

Peer Logs - 2021-10-20 07:18:45.057 UTC [policies] SignatureSetToValidIdentities -> WARN d1a93c invalid identity: certificate subject=CN=peer1,OU=peer,O=Hyperledger,ST=North Carolina,C=US serialnumber=41365438365218511579049 error="MSP Org3 is not defined on channel

2021-10-20 07:18:45.037 UTC [gossip.gossip] UpdateLedgerHeight -> WARN d1a8d3 No such channel [112 97 114 116 99 104 97 105 110 45 99 104 97 110 110 101 108]

[33m2021-10-20 07:18:44.067 UTC [gossip.gossip] Gossip -> WARN d1a062 Failed obtaining gossipChannel of [112 97 114 116 99 104 97 105 110 45 99 104 97 110 110 101 108] aborting
Now: Private Chaincode Lab - 10/19/2021 #cal-notice

fabric@lists.hyperledger.org Calendar <noreply@...>
 

Private Chaincode Lab

When:
10/19/2021
8:00am to 9:00am
(UTC-07:00) America/Los Angeles

Where:
https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

Organizer: Marcus Brandenburger bur@...

View Event

Description:
Two of the Hyperleger Labs projects (private data objects and private chain code) are collaborating to develop a "private smart contracts" capability.

Join Zoom Meeting https://zoom.us/j/5184947650?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09 Meeting ID: 518 494 7650 Passcode: 475869

Upcoming virtual meetups featuring Hyperledger Fabric

David Boswell <dboswell@...>
 

There are four virtual meetups happening this week and next week that feature content related to Hyperledger Fabric -- 3 are in English and 1 is in Spanish.

Since these are virtual events, anyone anywhere is welcome to dial-in if you're interested in the topic.  Dial-in information is in the links below.

And if there is anything related to Fabric that you'd like to share with the community, let me know and I can help you organize and promote a virtual meetup.





Thanks,
David
Re: client application when using kind k8s test-network

Matthew White
 

Hello, yes you're correct there is one coming from the team. 
 
As a separate exercise I've tried using the (new) Gateway with a Java client application.   The current code is here... https://github.com/ampretia/ledger-backed-messaging/blob/main/apps/LedgerMessaging/src/main/java/org/ledger/FabricServiceFactory.java
 
but may well move in the future. 
 
 
Regards, Matthew.
Matthew B White  IBM Blockchain Solutions Architect
 
Email me at WHITEMAT@...
Find me on StackOverflow, and generally at  calanais.me.uk
 
Note: restricted availability for meetings 14:30 to 17:00 UK Tuesday 
IBM United Kingdom Limited, Hursley Park, Winchester, Hampshire, SO21 2JN
"The wrong answers are the ones you go looking for when the right answers stare you in the face"
 
 
 
----- Original message -----
From: "Nikos Karamolegkos" <nkaram@...>
Sent by: fabric@...
To: fabric@...
Cc:
Subject: [EXTERNAL] Re: [Hyperledger Fabric] client application when using kind k8s test-network
Date: Tue, Oct 19, 2021 3:00 PM
 
 

Unless stated otherwise above:

IBM United Kingdom Limited - Registered in England and Wales with number 741598.

Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU
Re: client application when using kind k8s test-network

Nikos Karamolegkos
 

I understand there is WIP in deployment of an external GW client application as shown here but after the second step the instructions are not very detailed and I get lost.
Any help on that?
Re: "signing identity expired " in Fabric 1.4.12

Angelo De Caro
 

Hi Joaquim,

Thanks for your questions. 

The documentation needs to be updated to clearly state when expiration is enforced and when not.

The paragraph you refer to is related to channel operations. For example, if Alice submits a transaction to a channel, her identity must be validated against the MSPs defined in that channel. In this case, the validation will not take in consideration the expiration of the identity because Fabric does not offer a concept of time relative to which this expiration can be checked (https://github.com/hyperledger/fabric/blob/89a130704bd8bee05c465abbde541cf1a5ac5ee9/msp/mspimplvalidate.go#L260).

Different thing is when a "Local MSP" is loaded. A local MSP contains a signing identity, admin identities and so. In this case, we enforce expiration because we can do that. The time reference is that of the peer on which the local MSP is loaded. (https://github.com/hyperledger/fabric/blob/89a130704bd8bee05c465abbde541cf1a5ac5ee9/msp/mspimplsetup.go#L367)

So, yes, this is the expected behaviour. We will update the documentation accordingly.

Thanks again for your feedback, Joaquim. I appreciate :)
Expired MSP certificates - fabric 1.4.12

Joaquim Pedro C. Oliveira <joaquimpedrooliveira@...>
 

Hello, all.

The Fabric 1.4.12 documentation says that (https://hyperledger-fabric.readthedocs.io/en/release-1.4/msp.html): "It is important to note that MSP identities never expire; they can only be revoked by adding them to the appropriate CRLs."

However, in a test network we've set up using expired MSP certificates, we're getting the following messages:
- in orderers: 2021-10-15 17:34:48.658 UTC [orderer.common.server] initializeLocalMsp -> FATA 002 Failed to initialize local MSP: signing identity expired 334h3m43.658279638s ago

- in fabric-tools, after a "peer channel list": 2021-10-15 18:10:40.930 UTC [main] InitCmd -> ERRO 042 Cannot run peer because error when setting up MSP of type bccsp from directory /etc/hyperledger/msp/users/admin/msp: signing identity expired 334h44m33.930617682s ago

Is this the expected behaviour?

Thanks in advance,

Joaquim Oliveira
"signing identity expired " in Fabric 1.4.12

Joaquim Pedro C. Oliveira <joaquimpedrooliveira@...>
 



Hello, all.

The Fabric 1.4.12 documentation says that (https://hyperledger-fabric.readthedocs.io/en/release-1.4/msp.html): "It is important to note that MSP identities never expire; they can only be revoked by adding them to the appropriate CRLs."

However, in a test network we've set up using expired MSP certificates, we're getting the following messages:
- in orderers: 2021-10-15 17:34:48.658 UTC [orderer.common.server] initializeLocalMsp -> FATA 002 Failed to initialize local MSP: signing identity expired 334h3m43.658279638s ago

- in fabric-tools, after a "peer channel list": 2021-10-15 18:10:40.930 UTC [main] InitCmd -> ERRO 042 Cannot run peer because error when setting up MSP of type bccsp from directory /etc/hyperledger/msp/users/admin/msp: signing identity expired 334h44m33.930617682s ago

Is this the expected behaviour?

Thanks in advance,

Joaquim Oliveira
Re: Question about fabric motivation #fabric

Marcos Sarres
 

Here is an example that may help you.

https://github.com/GoLedgerDev/cc-tools-demo

 

This repository uses a library that checks which MSP is allowed to modify each asset property.

 

For example, the code below defines that only org2MSP can modify the property ‘title’ of asset ‘book’

 

// Description of a book

var Book = assets.AssetType{

               Tag:         "book",

               Label:       "Book",

               Description: "Book",

 

               Props: []assets.AssetProp{

                              {

                                            // Composite Key

                                            Required: true,

                                            IsKey:    true,

                                            Tag:      "title",

                                            Label:    "Book Title",

                                            DataType: "string",

                                            Writers:  []string{`org2MSP`}, // This means only org2 can create the asset (others can edit)

                              },

 

Regards,

 

Marcos Sarres | CEO | +55 61 98116 7866

 

 

De: fabric@... <fabric@...> Em nome de BigBang019
Enviada em: sexta-feira, 15 de outubro de 2021 01:01
Para: fabric@...
Assunto: Re: [Hyperledger Fabric] Question about fabric motivation

 

Thanks for your reply, and thanks to @conanoc.

But I still have some question:

According to @conanoc "You also can add some validation logic in the chaincode to guarantee the access right to some functions or data", 
could you please be more specific on what kind of chaincode API could do this, and how?

Thanks in advance.

Re: Proof of data using HLF

Nikos Karamolegkos
 

Following the previous question. I would like firstly to check if the data obey the rules of the chaincode and if yes, to calculate the hash of the data inside the chaincode which finally will be written to the ledger.
Re: Question about fabric motivation #fabric

conanoc
 

Take a look at this example: https://github.com/hyperledger/fabric-samples/blob/main/token-erc-20/chaincode-javascript/lib/tokenERC20.js#L126
Re: Question about fabric motivation #fabric

BigBang019
 

Thanks for your reply, and thanks to @conanoc.

But I still have some question:

According to @conanoc "You also can add some validation logic in the chaincode to guarantee the access right to some functions or data", 
could you please be more specific on what kind of chaincode API could do this, and how?

Thanks in advance.
Re: Question about fabric motivation #fabric

David Enyeart
 

Additionally the agreed upon chaincode definition specifies the endorsement policy which defines the set of organizations that must endorse a transaction before it can be validated. This way OrgA cannot unilaterally change the state.
1261 - 1280 of 11659