User expired after one year--need help
I am facing worst experience, every user id is expiring as it
complete it's time of one year. Can any body help me how to save
the user ids to get expire and renew these ids.
toggle quoted messageShow quoted text
Your CAs have an internal database with all the IDs registered by it. You can search the IDs using your CA and issue a reenroll for the certificate that got expired. Depending on the ID (peer, orderer, admin) you might have a harder time replacing that certificate within the node.
Orderers must be replaced in the configuration block of the channel on the consenters section, one at a time. And, of course, inside the container.
Admins must be replaced in the admin section of the block, within the correct org.
For peers, just replacing them inside the container will do.
It’s important to note that if all your certs are expired (including TLS) you might have to use a TLS timeshift in your orderer (set inside orderer.yaml) and a --tlsHandshakeTimeShift flag in the config block update command to trick your orderer into accepting requests from a expired tls.
This is a summary to clarify a bit the process of cert renewal. If you have further questions, I’ll be happy to take a look at them and do my best to help.
CTO @ GoLedger
On 14 Jul 2022 09:31 -0300, Aoun Muhammad <aoun.muhammad@...>, wrote: