fabric@lists.hyperledger.org | ERROR: Fabric orderer detectSelfID could not find certificate

Home Messages Hashtags Subgroups

Date Date 1 - 1 of 1

ERROR: Fabric orderer detectSelfID could not find certificate
#docker #fabric-ca #fabric-orderer #orderer #organizations

gonzalo.bustos@... #10498 Hello, I'm currently working on a project with three organizations and an orderer. So in order to do this, I created a new network, with its own configuration files and with a script that sets up everything (similarly to ./network up -ca, it checks the prereqs, creates the organizations, creates the consortium, and starts the network with the docker-compose). All necessary configurations were added as the Hyperledger Fabric Official documentation suggested and also following the structure of the test-network provided by the sample files. The Error will be displayed after the Context files. You can skip the Context files if you like. CONTEXT FILES: I will provide snippets of certain files such as: /docker-compose.yaml, /network.sh, /ccp-generate.sh, /registerEnroll.sh, /configtx.yaml, in order to help with error context. After all the attachments, the error will be explained. /docker-compose.yaml /network.sh /ccp-generate.sh /registerEnroll.sh function createOrderer() { infoln "Enroll the CA admin" mkdir -p organizations/ordererOrganizations/orderer.com export FABRIC_CA_CLIENT_HOME=${PWD}/organizations/ordererOrganizations/orderer.com # rm -rf $FABRIC_CA_CLIENT_HOME/fabric-ca-server-config.yaml # rm -rf $FABRIC_CA_CLIENT_HOME/msp set -x fabric-ca-client enroll -u https://admin:adminpw@localhost:9054 --caname ca-orderer --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem { set +x; } 2>/dev/null echo 'NodeOUs: Enable: true ClientOUIdentifier: Certificate: cacerts/localhost-9054-ca-orderer.pem OrganizationalUnitIdentifier: client PeerOUIdentifier: Certificate: cacerts/localhost-9054-ca-orderer.pem OrganizationalUnitIdentifier: peer AdminOUIdentifier: Certificate: cacerts/localhost-9054-ca-orderer.pem OrganizationalUnitIdentifier: admin OrdererOUIdentifier: Certificate: cacerts/localhost-9054-ca-orderer.pem OrganizationalUnitIdentifier: orderer' >${PWD}/organizations/ordererOrganizations/orderer.com/msp/config.yaml infoln "Register orderer" set -x fabric-ca-client register --caname ca-orderer --id.name orderer --id.secret ordererpw --id.type orderer --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem { set +x; } 2>/dev/null infoln "Register the orderer admin" set -x fabric-ca-client register --caname ca-orderer --id.name ordererAdmin --id.secret ordererAdminpw --id.type admin --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem { set +x; } 2>/dev/null mkdir -p organizations/ordererOrganizations/orderer.com/orderers mkdir -p organizations/ordererOrganizations/orderer.com/orderers/orderer.com mkdir -p organizations/ordererOrganizations/orderer.com/orderers/orderer.com infoln "Generate the orderer msp" set -x fabric-ca-client enroll -u https://orderer:ordererpw@localhost:9054 --caname ca-orderer -M ${PWD}/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/msp --csr.hosts orderer.com --csr.hosts localhost --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem { set +x; } 2>/dev/null cp ${PWD}/organizations/ordererOrganizations/orderer.com/msp/config.yaml ${PWD}/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/msp/config.yaml infoln "Generate the orderer-tls certificates" set -x fabric-ca-client enroll -u https://orderer:ordererpw@localhost:9054 --caname ca-orderer -M ${PWD}/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/tls --enrollment.profile tls --csr.hosts orderer.com --csr.hosts localhost --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem { set +x; } 2>/dev/null cp ${PWD}/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/tls/tlscacerts/* ${PWD}/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/tls/ca.crt cp ${PWD}/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/tls/signcerts/* ${PWD}/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/tls/server.crt cp ${PWD}/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/tls/keystore/* ${PWD}/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/tls/server.key mkdir -p ${PWD}/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/msp/tlscacerts cp ${PWD}/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/tls/tlscacerts/* ${PWD}/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/msp/tlscacerts/tlsca.orderer.com-cert.pem mkdir -p ${PWD}/organizations/ordererOrganizations/orderer.com/msp/tlscacerts cp ${PWD}/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/tls/tlscacerts/* ${PWD}/organizations/ordererOrganizations/orderer.com/msp/tlscacerts/tlsca.orderer.com-cert.pem mkdir -p organizations/ordererOrganizations/orderer.com/users mkdir -p organizations/ordererOrganizations/orderer.com/users/Admin@... infoln "Generate the admin msp" set -x fabric-ca-client enroll -u https://ordererAdmin:ordererAdminpw@localhost:9054 --caname ca-orderer -M ${PWD}/organizations/ordererOrganizations/orderer.com/users/Admin@.../msp --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem { set +x; } 2>/dev/null cp ${PWD}/organizations/ordererOrganizations/orderer.com/msp/config.yaml ${PWD}/organizations/ordererOrganizations/orderer.com/users/Admin@.../msp/config.yaml } /configtx.yaml ERROR: ERROR EXPLANATION: When bringing up the network (using Fabric CA, and not cryptogen) all that happens on the ./network.sh script is it checks for the prereqs, creates the organizations, creates the consortium and uses docker-compose to start the network. According to the following snippet of the console logs, all orderer certificates seem to be correctly generated, as is the genesis.block. console logs: Create Orderer Org Identities Enroll the CA admin + fabric-ca-client enroll -u https://admin:adminpw@localhost:9054 --caname ca-orderer --tls.certfiles /var/www/psh/medical-chain/medchain-network/organizations/fabric-ca/ordererOrg/tls-cert.pem 2021/10/29 10:38:37 [INFO] Created a default configuration file at /var/www/psh/medical-chain/medchain-network/organizations/ordererOrganizations/orderer.com/fabric-ca-client-config.yaml 2021/10/29 10:38:37 [INFO] TLS Enabled 2021/10/29 10:38:37 [INFO] generating key: &{A:ecdsa S:256} 2021/10/29 10:38:37 [INFO] encoded CSR 2021/10/29 10:38:37 [INFO] Stored client certificate at /var/www/psh/medical-chain/medchain-network/organizations/ordererOrganizations/orderer.com/msp/signcerts/cert.pem 2021/10/29 10:38:37 [INFO] Stored root CA certificate at /var/www/psh/medical-chain/medchain-network/organizations/ordererOrganizations/orderer.com/msp/cacerts/localhost-9054-ca-orderer.pem 2021/10/29 10:38:37 [INFO] Stored Issuer public key at /var/www/psh/medical-chain/medchain-network/organizations/ordererOrganizations/orderer.com/msp/IssuerPublicKey 2021/10/29 10:38:37 [INFO] Stored Issuer revocation public key at /var/www/psh/medical-chain/medchain-network/organizations/ordererOrganizations/orderer.com/msp/IssuerRevocationPublicKey Register orderer + fabric-ca-client register --caname ca-orderer --id.name orderer --id.secret ordererpw --id.type orderer --tls.certfiles /var/www/psh/medical-chain/medchain-network/organizations/fabric-ca/ordererOrg/tls-cert.pem 2021/10/29 10:38:37 [INFO] Configuration file location: /var/www/psh/medical-chain/medchain-network/organizations/ordererOrganizations/orderer.com/fabric-ca-client-config.yaml 2021/10/29 10:38:37 [INFO] TLS Enabled 2021/10/29 10:38:37 [INFO] TLS Enabled Password: ordererpw Register the orderer admin + fabric-ca-client register --caname ca-orderer --id.name ordererAdmin --id.secret ordererAdminpw --id.type admin --tls.certfiles /var/www/psh/medical-chain/medchain-network/organizations/fabric-ca/ordererOrg/tls-cert.pem 2021/10/29 10:38:37 [INFO] Configuration file location: /var/www/psh/medical-chain/medchain-network/organizations/ordererOrganizations/orderer.com/fabric-ca-client-config.yaml 2021/10/29 10:38:37 [INFO] TLS Enabled 2021/10/29 10:38:37 [INFO] TLS Enabled Password: ordererAdminpw Generate the orderer msp + fabric-ca-client enroll -u https://orderer:ordererpw@localhost:9054 --caname ca-orderer -M /var/www/psh/medical-chain/medchain-network/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/msp --csr.hosts orderer.com --csr.hosts localhost --tls.certfiles /var/www/psh/medical-chain/medchain-network/organizations/fabric-ca/ordererOrg/tls-cert.pem 2021/10/29 10:38:37 [INFO] TLS Enabled 2021/10/29 10:38:37 [INFO] generating key: &{A:ecdsa S:256} 2021/10/29 10:38:37 [INFO] encoded CSR 2021/10/29 10:38:37 [INFO] Stored client certificate at /var/www/psh/medical-chain/medchain-network/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/msp/signcerts/cert.pem 2021/10/29 10:38:37 [INFO] Stored root CA certificate at /var/www/psh/medical-chain/medchain-network/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/msp/cacerts/localhost-9054-ca-orderer.pem 2021/10/29 10:38:37 [INFO] Stored Issuer public key at /var/www/psh/medical-chain/medchain-network/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/msp/IssuerPublicKey 2021/10/29 10:38:37 [INFO] Stored Issuer revocation public key at /var/www/psh/medical-chain/medchain-network/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/msp/IssuerRevocationPublicKey Generate the orderer-tls certificates + fabric-ca-client enroll -u https://orderer:ordererpw@localhost:9054 --caname ca-orderer -M /var/www/psh/medical-chain/medchain-network/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/tls --enrollment.profile tls --csr.hosts orderer.com --csr.hosts localhost --tls.certfiles /var/www/psh/medical-chain/medchain-network/organizations/fabric-ca/ordererOrg/tls-cert.pem 2021/10/29 10:38:37 [INFO] TLS Enabled 2021/10/29 10:38:37 [INFO] generating key: &{A:ecdsa S:256} 2021/10/29 10:38:37 [INFO] encoded CSR 2021/10/29 10:38:38 [INFO] Stored client certificate at /var/www/psh/medical-chain/medchain-network/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/tls/signcerts/cert.pem 2021/10/29 10:38:38 [INFO] Stored TLS root CA certificate at /var/www/psh/medical-chain/medchain-network/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/tls/tlscacerts/tls-localhost-9054-ca-orderer.pem 2021/10/29 10:38:38 [INFO] Stored Issuer public key at /var/www/psh/medical-chain/medchain-network/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/tls/IssuerPublicKey 2021/10/29 10:38:38 [INFO] Stored Issuer revocation public key at /var/www/psh/medical-chain/medchain-network/organizations/ordererOrganizations/orderer.com/orderers/orderer.com/tls/IssuerRevocationPublicKey Generate the admin msp + fabric-ca-client enroll -u https://ordererAdmin:ordererAdminpw@localhost:9054 --caname ca-orderer -M /var/www/psh/medical-chain/medchain-network/organizations/ordererOrganizations/orderer.com/users/Admin@.../msp --tls.certfiles /var/www/psh/medical-chain/medchain-network/organizations/fabric-ca/ordererOrg/tls-cert.pem 2021/10/29 10:38:38 [INFO] TLS Enabled 2021/10/29 10:38:38 [INFO] generating key: &{A:ecdsa S:256} 2021/10/29 10:38:38 [INFO] encoded CSR 2021/10/29 10:38:38 [INFO] Stored client certificate at /var/www/psh/medical-chain/medchain-network/organizations/ordererOrganizations/orderer.com/users/Admin@.../msp/signcerts/cert.pem 2021/10/29 10:38:38 [INFO] Stored root CA certificate at /var/www/psh/medical-chain/medchain-network/organizations/ordererOrganizations/orderer.com/users/Admin@.../msp/cacerts/localhost-9054-ca-orderer.pem 2021/10/29 10:38:38 [INFO] Stored Issuer public key at /var/www/psh/medical-chain/medchain-network/organizations/ordererOrganizations/orderer.com/users/Admin@.../msp/IssuerPublicKey 2021/10/29 10:38:38 [INFO] Stored Issuer revocation public key at /var/www/psh/medical-chain/medchain-network/organizations/ordererOrganizations/orderer.com/users/Admin@.../msp/IssuerRevocationPublicKey Generating Orderer Genesis block + configtxgen -profile FourOrgsOrdererGenesis -channelID system-channel -outputBlock ./system-genesis-block/genesis.block 2021-10-29 10:38:38.338 -03 [common.tools.configtxgen] main -> INFO 001 Loading configuration 2021-10-29 10:38:38.349 -03 [common.tools.configtxgen.localconfig] completeInitialization -> INFO 002 orderer type: etcdraft 2021-10-29 10:38:38.349 -03 [common.tools.configtxgen.localconfig] completeInitialization -> INFO 003 Orderer.EtcdRaft.Options unset, setting to tick_interval:"500ms" election_tick:10 heartbeat_tick:1 max_inflight_blocks:5 snapshot_interval_size:16777216 2021-10-29 10:38:38.349 -03 [common.tools.configtxgen.localconfig] Load -> INFO 004 Loaded configuration: /var/www/psh/medical-chain/medchain-network/configtx/configtx.yaml 2021-10-29 10:38:38.352 -03 [common.tools.configtxgen] doOutputBlock -> INFO 005 Generating genesis block 2021-10-29 10:38:38.352 -03 [common.tools.configtxgen] doOutputBlock -> INFO 006 Creating system channel genesis block 2021-10-29 10:38:38.352 -03 [common.tools.configtxgen] doOutputBlock -> INFO 007 Writing genesis block BUT for some reason, the orderer container gets shutdown after a few seconds. And when I go to docker logs -f orderer.com, this is the error I get: which creates a certification error such as the following one: All help is very much appreciated! Environment information that might be useful: Fabric version: 2.3 Current docker version: 20.10.7 Current docker-compose version: 1.29.2 OS: Ubuntu 20.04
More All Messages By This Member

1 - 1 of 1

1

Previous Topic Next Topic

Home Hashtags Subgroups Terms