Date
1 - 15 of 15
Instantiation of FabricSDK instance #fabric-sdk-go
|
Nye Liu <nye@...>
This is if you want to use fabric-sdk-go to enroll with the CA-server w/o having to pass the id/password explicitly. It should pick it up from config.yaml
|
|
|
|
spmcnamara@...
One last question to help clear up my mental map of this setup:
In the config, the "registrar" section contains the id and password of the CA admin. To get my client code to register a new user, I needed my client to enroll as the admin, and to do that needed to pass the id and password of the admin. If this is the case, what is the "Registrar" entry used for, and do I really need it? |
|
|
|
spmcnamara@...
That did the trick. I've got an authentication error to deal with, but I think I can manage that one.
Nye, thanks so much for the assistance on this. It was useful for me to write out my status and questions, and your sample code link and comments definitely pointed me in the right direction. <virtual beer> for you! |
|
|
|
Nye Liu <nye@...>
The matcher section in the client config.yaml is a hack around that, so `localhost` doesn't have to be added as a SAN to the certs.
|
|
|
|
spmcnamara@...
Yes, it's exposed, and I can successfully hit that URL via curl *BUT* I think I see the problem in the results:
My CA thinks it has a different name than what is shown in the config. Let me fix that, and I expect that will solve the problem. Let me verify and reply. |
|
|
|
Nye Liu <nye@...>
Did you expose the docker port to outside the docker network on 7054? This is a docker problem, not a fabric issue.
|
|
|
|
spmcnamara@...
Update: By populating TLSCACerts for everything and making sure the cryptopath is set, I get much further, but still have an error:
2019/05/17 16:46:39 Unable to CreateIdentity: failed to add identity: Failed to add token authorization header because client is unable to fetch the Fabric CA version: Response from server: Error Code: 19 - CA 'ca.corp.poc.myorg.io' does not exist
[fabsdk/fab] 2019/05/17 21:46:39 UTC - n/a -> DEBU Sending request [POST http://localhost:7054/cainfo {"caname":"ca.corp.poc.myorg.io"}] [fabsdk/fab] 2019/05/17 21:46:39 UTC - n/a -> DEBU Received response [statusCode=404 (404 Not Found)] |
|
|
|
Nye Liu <nye@...>
On Fri, May 17, 2019 at 02:32 PM, <spmcnamara@...> wrote:
You are missing TLSCA certs in your MSP directories (or they are empty) |
|
|
|
spmcnamara@...
Note: I did find my mistake on the "Registrar" path, and that is now populating. Same error though.
|
|
|
|
spmcnamara@...
OK, so I found a typo in the peer name from when I redid the config using the sample template, but that just takes me back to the original error (although now with debug output.)
I've tried to get the "registrar" information to get picked up from the config, but haven't been able to find the right spot. I've tried it using the path below, but it didn't do anything. I also tried it in the top-level client with similar non-results. certificateAuthorities:
ca.corp.poc.myorg.io:
client:
tlsCACerts:
registrar:
enrollId: <admin_id>
enrollSecret: <admin_pw>
Thanks for sticking with me on this. Much appreciated! [fabsdk/core] 2019/05/17 21:18:52 UTC - sw.getOptsByConfig -> DEBU Initialized SW cryptosuite
[fabsdk/fab] 2019/05/17 21:18:52 UTC - sw.(*fileBasedKeyStore).createKeyStoreIfNotExists -> DEBU KeyStore path [/tmp/myorg-msp/keystore] missing [true]: [<clean>]
[fabsdk/fab] 2019/05/17 21:18:52 UTC - sw.(*fileBasedKeyStore).createKeyStore -> DEBU Creating KeyStore at [/tmp/myorg-msp/keystore]...
[fabsdk/fab] 2019/05/17 21:18:52 UTC - sw.(*fileBasedKeyStore).createKeyStore -> DEBU KeyStore created at [/tmp/myorg-msp/keystore].
[fabsdk/fab] 2019/05/17 21:18:52 UTC - n/a -> DEBU KeyStore opened at [/tmp/myorg-msp/keystore]...done
[fabsdk/fab] 2019/05/17 21:18:52 UTC - fab.(*EndpointConfig).loadEndpointConfiguration -> DEBU Client is: {Organization:MyOrg TLSCerts:{Client:{Key:{Path: Pem: bytes:[]} Cert:{Path: Pem: bytes:[]}}}}
[fabsdk/fab] 2019/05/17 21:18:52 UTC - fab.(*EndpointConfig).loadEndpointConfiguration -> DEBU channels are: map[mychannel:{Orderers:[orderer.poc.myorg.io] Peers:map[peer0.corp.poc.myorg.io:{EndorsingPeer:true ChaincodeQuery:true LedgerQuery:true EventSource:true} peer1.corp.poc.myorg.io:{EndorsingPeer:true ChaincodeQuery:true LedgerQuery:true EventSource:true}] Policies:{QueryChannelConfig:{MinResponses:0 MaxTargets:0 RetryOpts:{Attempts:0 InitialBackoff:0s MaxBackoff:0s BackoffFactor:0 RetryableCodes:map[]}} Discovery:{MinResponses:0 MaxTargets:0 RetryOpts:{Attempts:0 InitialBackoff:0s MaxBackoff:0s BackoffFactor:0 RetryableCodes:map[]}} Selection:{SortingStrategy: Balancer: BlockHeightLagThreshold:0} EventService:{ResolverStrategy: MinBlockHeightResolverMode: Balancer: BlockHeightLagThreshold:0 PeerMonitor: ReconnectBlockHeightLagThreshold:0 PeerMonitorPeriod:0s}}}]
[fabsdk/fab] 2019/05/17 21:18:52 UTC - fab.(*EndpointConfig).loadEndpointConfiguration -> DEBU organizations are: map[myorg:{MSPID:MyOrgMSP CryptoPath: Users:map[] Peers:[peer0.corp.poc.myorg.io peer1.corp.poc.myorg.io] CertificateAuthorities:[ca.corp.poc.myorg.io]}]
[fabsdk/fab] 2019/05/17 21:18:52 UTC - fab.(*EndpointConfig).loadEndpointConfiguration -> DEBU orderers are: map[orderer.poc.myorg.io:{URL:grpc://localhost:7050 GRPCOptions:map[] TLSCACerts:{Path: Pem: bytes:[]}}]
[fabsdk/fab] 2019/05/17 21:18:52 UTC - fab.(*EndpointConfig).loadEndpointConfiguration -> DEBU peers are: map[peer0.corp.poc.myorg.io:{URL:grpc://localhost:7051 GRPCOptions:map[] TLSCACerts:{Path:/home/myorg-hlf/crypto-config/peerOrganizations/corp.poc.myorg.io/tlsca/tlsca.corp.poc.myorg.io-cert.pem Pem: bytes:[]}} peer1.corp.poc.myorg.io:{URL:grpc://localhost:8051 GRPCOptions:map[] TLSCACerts:{Path:/home/myorg-hlf/crypto-config/peerOrganizations/corp.poc.myorg.io/tlsca/tlsca.corp.poc.myorg.io-cert.pem Pem: bytes:[]}}]
[fabsdk/fab] 2019/05/17 21:18:52 UTC - fab.(*EndpointConfig).compileMatchers -> DEBU Matchers are: {matchers:map[]}
[fabsdk/fab] 2019/05/17 21:18:52 UTC - fab.(*EndpointConfig).compileMatchers -> DEBU Entity matchers are not configured
[fabsdk/fab] 2019/05/17 21:18:52 UTC - fab.detectDeprecatedNetworkConfig -> WARN Getting orderers from endpoint config channels.orderer is deprecated, use entity matchers to override orderer configuration
[fabsdk/fab] 2019/05/17 21:18:52 UTC - fab.detectDeprecatedNetworkConfig -> WARN visit https://github.com/hyperledger/fabric-sdk-go/blob/master/test/fixtures/config/overrides/local_entity_matchers.yaml for samples
[fabsdk/msp] 2019/05/17 21:18:52 UTC - msp.(*IdentityConfig).loadIdentityConfigEntities -> DEBU Client is: {Organization:MyOrg Logging:{Level:debug} CryptoConfig:{Path:/home/myorg-hlf/crypto-config} TLSCerts:{Client:{Key:{Path: Pem: bytes:[]} Cert:{Path: Pem: bytes:[]}}} CredentialStore:{Path:/tmp/myorg-kvs CryptoStore:{Path:/tmp/myorg-msp}}}
[fabsdk/msp] 2019/05/17 21:18:52 UTC - msp.(*IdentityConfig).loadIdentityConfigEntities -> DEBU organizations are: map[myorg:{MSPID:MyOrgMSP CryptoPath: Users:map[] Peers:[peer0.corp.poc.myorg.io peer1.corp.poc.myorg.io] CertificateAuthorities:[ca.corp.poc.myorg.io]}]
[fabsdk/msp] 2019/05/17 21:18:52 UTC - msp.(*IdentityConfig).loadIdentityConfigEntities -> DEBU certificateAuthorities are: map[ca.corp.poc.myorg.io:{URL:http://localhost:7054 GRPCOptions:map[] TLSCACerts:{Pem:[] Path: Client:{Key:{Path: Pem: bytes:[]} Cert:{Path: Pem: bytes:[]}}} Registrar:{EnrollID: EnrollSecret:} CAName:ca.corp.poc.myorg.io}]
[fabsdk/msp] 2019/05/17 21:18:52 UTC - msp.(*IdentityConfig).compileMatchers -> DEBU Matchers are: {matchers:map[]}
[fabsdk/msp] 2019/05/17 21:18:52 UTC - msp.(*IdentityConfig).loadAllCAConfigs -> DEBU Mapped Certificate Authority for [myorg] to [ca.corp.poc.myorg.io]
|
|
|
|
Nye Liu <nye@...>
Is your peer org listed in the "organziations:" section of
your config.yaml with the correct peers and mspid? On 5/17/2019 12:59 PM,
spmcnamara@... wrote:
Following up: I found the config-file parameter for setting the logging level, and now am getting output but it hasn't helped me understand where this is going wrong... I'm including the debug output below in case it helps anyone spot where this is going sideways. Is the problem that the TLSCerts are not specified? I would expect some kind of "key" error rather than an error about not finding the MSP ID. If it's due to the crypto files, is there any reason why that would be OK for the NodeSDK but not for GoSDK? Aren't they both making the same calls to the HLF REST API service? Thanks for any help! |
|
|
|
spmcnamara@...
Following up: I found the config-file parameter for setting the logging level, and now am getting output but it hasn't helped me understand where this is going wrong... I'm including the debug output below in case it helps anyone spot where this is going sideways. Is the problem that the TLSCerts are not specified? I would expect some kind of "key" error rather than an error about not finding the MSP ID. If it's due to the crypto files, is there any reason why that would be OK for the NodeSDK but not for GoSDK? Aren't they both making the same calls to the HLF REST API service? Thanks for any help!
[fabsdk/core] 2019/05/17 19:50:49 UTC - sw.getOptsByConfig -> DEBU Initialized SW cryptosuite
[fabsdk/fab] 2019/05/17 19:50:49 UTC - sw.(*fileBasedKeyStore).createKeyStoreIfNotExists -> DEBU KeyStore path [/tmp/myorg-msp/keystore] missing [true]: []
[fabsdk/fab] 2019/05/17 19:50:49 UTC - sw.(*fileBasedKeyStore).createKeyStore -> DEBU Creating KeyStore at [/tmp/myorg-msp/keystore]...
[fabsdk/fab] 2019/05/17 19:50:49 UTC - sw.(*fileBasedKeyStore).createKeyStore -> DEBU KeyStore created at [/tmp/myorg-msp/keystore].
[fabsdk/fab] 2019/05/17 19:50:49 UTC - n/a -> DEBU KeyStore opened at [/tmp/myorg-msp/keystore]...done
[fabsdk/fab] 2019/05/17 19:50:49 UTC - fab.(*EndpointConfig).loadEndpointConfiguration -> DEBU Client is: {Organization:MyOrg TLSCerts:{Client:{Key:{Path: Pem: bytes:[]} Cert:{Path: Pem: bytes:[]}}}}
[fabsdk/fab] 2019/05/17 19:50:49 UTC - fab.(*EndpointConfig).loadEndpointConfiguration -> DEBU channels are: map[mychannel:{Orderers:[orderer.poc.myorg.io] Peers:map[peer0.corp.poc.myorg.io:{EndorsingPeer:true ChaincodeQuery:true LedgerQuery:true EventSource:true} peer1.corp.poc.myorg.io:{EndorsingPeer:true ChaincodeQuery:true LedgerQuery:true EventSource:true}] Policies:{QueryChannelConfig:{MinResponses:0 MaxTargets:0 RetryOpts:{Attempts:0 InitialBackoff:0s MaxBackoff:0s BackoffFactor:0 RetryableCodes:map[]}} Discovery:{MinResponses:0 MaxTargets:0 RetryOpts:{Attempts:0 InitialBackoff:0s MaxBackoff:0s BackoffFactor:0 RetryableCodes:map[]}} Selection:{SortingStrategy: Balancer: BlockHeightLagThreshold:0} EventService:{ResolverStrategy: MinBlockHeightResolverMode: Balancer: BlockHeightLagThreshold:0 PeerMonitor: ReconnectBlockHeightLagThreshold:0 PeerMonitorPeriod:0s}}}]
[fabsdk/fab] 2019/05/17 19:50:49 UTC - fab.(*EndpointConfig).loadEndpointConfiguration -> DEBU organizations are: map[myorg:{MSPID:MyOrgMSP CryptoPath: Users:map[] Peers:[peer0.corp.ca.myorg.io peer1.corp.ca.myorg.io] CertificateAuthorities:[ca.corp.poc.myorg.io]}]
[fabsdk/fab] 2019/05/17 19:50:49 UTC - fab.(*EndpointConfig).loadEndpointConfiguration -> DEBU orderers are: map[orderer.poc.myorg.io:{URL:grpc://localhost:7050 GRPCOptions:map[] TLSCACerts:{Path: Pem: bytes:[]}}]
[fabsdk/fab] 2019/05/17 19:50:49 UTC - fab.(*EndpointConfig).loadEndpointConfiguration -> DEBU peers are: map[peer0.corp.poc.myorg.io:{URL:grpc://localhost:7051 GRPCOptions:map[] TLSCACerts:{Path: Pem: bytes:[]}} peer1.corp.poc.myorg.io:{URL:grpc://localhost:8051 GRPCOptions:map[] TLSCACerts:{Path: Pem: bytes:[]}}]
[fabsdk/fab] 2019/05/17 19:50:49 UTC - fab.(*EndpointConfig).compileMatchers -> DEBU Matchers are: {matchers:map[]}
[fabsdk/fab] 2019/05/17 19:50:49 UTC - fab.(*EndpointConfig).compileMatchers -> DEBU Entity matchers are not configured
From there, my code returns: 2019/05/17 14:50:49 Unable to construct FabSDK: failed to initialize configuration: unable to load endpoint config: failed to initialize endpoint config from config backend: network configuration load failed: failed to load channel configs: failed to load channel peers: unable to find MSP ID for peer : peer0.corp.poc.myorg.io |
|
|
|
spmcnamara@...
Thanks Nye, I appreciate that link!
Using that config file as a template for my own, I'm now getting a slightly different error: failed to initialize configuration: unable to load endpoint config: failed to initialize endpoint config from config backend: network configuration load failed: failed to load channel configs: failed to load channel peers: unable to find MSP ID for peer : It's odd because as I mentioned, this config works properly for the NodeSDK, but I'm guessing I either have a typo somewhere or am missing a parameter that is required by the GoSDK (although I can't spot it.) I haven't managed to figure out how to set the SDK logger into DEBUG mode and get the logging output. I've tried adding the following to the start of my client code: logging.SetLevel("",logging.DEBUG)
but I don't get any logging output from that even though I see log directives in the SDK source code. Any tips? Being able to trace the SDK execution at the client would be extremely helpful! Thanks again for the link! |
|
|
|
Nye Liu <nye@...>
This might be helpful: https://github.com/Blockdaemon/hlf-database-app It can use either cryptogen, or you can point it to a
CA-server (the example is only for blockdaemon's hlf ca-servers
and orderer/peer setup). On 5/16/2019 2:35 PM,
spmcnamara@... wrote:
Hi All, |
|
|
|
spmcnamara@...
Hi All,
I'm struggling to get an instance of FabricSDK instantiated and am hoping someone can fix my fundamental mistake here (since I know this shouldn't be that hard.) I'm trying to create/interface with the MSP client in order to do user registration/enrollment, but am clearly doing something wrong. I've created a config JSON file. I've been able to successfully use this config file with the NodeSDK to register users using the FabCar project as an example. When I try to create my instance of FabSDK, I get the following: failed to initialize configuration: unable to load identity config: failed to initialize identity config from config backend: failed to create identity config from backends: failed to load all CA configs : failed to load server certs: open : no such file or directoryI recognize that the NodeSDK and Golang SDK are different, but I'm not entirely sure what needs to change or what parameters I'm missing. I've tried using the ChainHero sample code as a template, but it appears to be for an older version of fabric (I'm on HLF 1.4) and also appears to point to the full crypto-config directory which contains all the systems private keys. This doesn't seem like a good thing to do to me. Any guidance is appreciated! |
|
|