Doubt and error in enrolling a peer and starting its container #docker-compose #docker #fabric-ca


famar
 

Hi all, I am creating a network with CA roots and CA intermediates using fabric CA and docker compose. So far I have been able to correctly create the roots, intermediates, perform registration and enrollment of orderers and start their containers. I have problems with the peers.
I am not using localhost or 0.0.0.0 as docker gives problems if you try to create intermediates that way. I then created hosts within the docker network.

I describe the steps taken as concisely as possible:

Enroll TLS CA admin
docker exec -it tls-ca fabric-ca-client enroll -d -u https://tls-ca-admin:tls-ca-adminpw@tls-ca:7051 --tls.certfiles /tmp/hyperledger/fabric-ca/crypto/ca-cert.pem --home /tmp/hyperledger/fabric-ca/admin/
 
Register peer
docker exec -it tls-ca fabric-ca-client register -d --id.name peer1-ica1-rca-org0 --id.secret peer1-ica1-rca-org0PW --id.type peer -u https://tls-ca:7051 --tls.certfiles /tmp/hyperledger/fabric-ca/crypto/ca-cert.pem --home /tmp/hyperledger/fabric-ca/admin/
 
Enroll ica1-rca-org0 admin
docker exec -it ica1-rca-org0 fabric-ca-client enroll -d -u https://ica1-rca-org0-admin:ica1-rca-org0-adminpw@ica1-rca-org0:7058 --tls.certfiles /tmp/hyperledger/fabric-ca/crypto/ca-cert.pem --home /tmp/hyperledger/fabric-ca/admin --home /tmp/hyperledger/fabric-ca/admin/
Register admin and peer
docker exec -it ica1-rca-org0 fabric-ca-client register -d --id.name admin-ica1-rca-org0 --id.secret admin-ica1-rca-org0pw --id.type admin --id.attrs "hf.Registrar.Roles=client,hf.Registrar.Attributes=*,hf.Revoker=true,hf.GenCRL=true,admin=true:ecert,abac.init=true:ecert" -u https://ica1-rca-org0:7058 --tls.certfiles /tmp/hyperledger/fabric-ca/crypto/ca-cert.pem --home /tmp/hyperledger/fabric-ca/admin/
docker exec -it ica1-rca-org0 fabric-ca-client register -d --id.name peer1-ica1-rca-org0 --id.secret peer1-ica1-rca-org0pw --id.type peer -u https://ica1-rca-org0:7058 --tls.certfiles /tmp/hyperledger/fabric-ca/crypto/ca-cert.pem --home /tmp/hyperledger/fabric-ca/admin/
Enroll peer for identity
docker exec -it ica1-rca-org0 fabric-ca-client enroll -d -u https://peer1-ica1-rca-org0:peer1-ica1-rca-org0pw@ica1-rca-org0:7058 --tls.certfiles /tmp/hyperledger/fabric-ca/crypto/ca-cert.pem --home /tmp/hyperledger/fabric-ca-enrollment/peer1 --mspdir msp


Here i have my first doubt. When i enrolled orderers i used the certificates located in the cacerts folders (rca-org0-7052.pem for the orderer on the rca-org0 for istance) and i was sure i need to use the same strategy for the peer. If i try to follow this way, it result in a "unknown owner" error. So i change the certificate and it work but i'm not very sure about the reason.

However, after enrolling the peer for identity and TLS and the admin, i try to start the peer container.
In my docker compose file i have this line:
 - CORE_PEER_MSPCONFIGPATH=/tmp/hyperledger/ica1-rca-org0/peer1/msp
But i have the following error:
Cannot run peer because cannot init crypto, specified path "/tmp/hyperledger/ica1-rca-org0/peer1/msp" does not exist or cannot be accessed: stat /tmp/hyperledger/ica1-rca-org0/peer1/msp: no such file or directory
The folder exists and it has not restriction but the docker compose can't read the content.

Would anyone be able to suggest why?
Thanks