Error in raft consensus for hyperledger fabric network after TLS certificate rotation #fabric-ca #fabric-orderer #hyperledger-fabric #raft #tls


After the expiration of tls and admin certs of the peer and orderers in the network, I'm trying to rotate the tls certificates of the orderer by making config updates in all the channels of which the orderer was a part.

First I have updated config with the new admin certs and then changed tls cert for one of the orderer, everything works fine and the TLS rotation is successful. But after restarting that orderer with the new certs and the updated genesis file, the orderer is not able to be a part of the raft consensus:

From the debug logs output I can check that the new orderer is able to send Step requests to all the other orderers but the MsgPreVote request from this new orderer is being ignored by other orderers.

Can someone please help me with the issue as I'm stuck at this and can't move forward updating other orderer expired tls certs?