回覆: Hyperledger Fabric] Setting up network using Fabric CA


Sam Venzi
 

Hi Cindy,

Fo the test-network, if you check the fabric-ca-server-config.yaml file, which defines the configuration of a given CA, you’ll see the TLS section enabled, which explains where the TLS CA certificate comes from.

Reference: https://github.com/hyperledger/fabric-samples/blob/main/test-network/organizations/fabric-ca/org1/fabric-ca-server-config.yaml#L63

Best,

Samuel Venzi
CTO @ GoLedger


On 10 Nov 2022 09:46 -0300, Cindy Qian <cindy.qian@...>, wrote:

Hi Samuel,

You said "each CA has its own TLS CA certificate", I don't understand where these TLS CA certificates come from. Don't we need a TLS ca server to issue these TLS CA certificates?



Thanks and regards,

Cindy

寄件者: Samuel Venzi <samuel.venzi@...>
寄件日期: 2022年11月10日 20:40
收件者: fabric@... <fabric@...>; Cindy Qian <cindy.qian@...>
主旨: Re: [Hyperledger Fabric] Setting up network using Fabric CA
 
Hello, Cindy.

Each CA has its own TLS CA certificate, and will issue TLS certificates for the nodes of its own org.

Best,  

Samuel Venzi
CTO @ GoLedger


On 10 Nov 2022 01:10 -0300, Cindy Qian <cindy.qian@...>, wrote:
Hi, I have a question:

When we set up a fabric network using ca, at least we need one ca for each organization for enrollment purposes and one TLS ca for issuing all tls server certificates for all nodes. So in the test-network sample, we should have at least 4 ca, 3 of them are for two peer org and one orderer org, and the last 1 is for tls ca. But I don't understand why there are only 3 containers in compose/compose-ca.yaml. Could you please help me




Regards,
Cindy