gpt4 book ai didi

ssl - TLS 握手失败,错误为 tls : first record does not look like a TLS handshake server=Orderer remoteaddress=192. 168.144.4:43496

转载 作者:太空宇宙 更新时间:2023-11-03 14:23:01 33 4
gpt4 key购买 nike

我正在与 5 个订购者、1 个组织和 2 个同行建立我的网络。还有 1 个 cli 和 1 个 ca。

我从 1 个排序者扩展到 5 个实现 Raft 的排序者。这就是为什么我想扩展我的网络并对多个对等点发生的情况进行更深入的测试。docker 正在运行,但我在订购者容器中收到一些关于 TLS 的错误:

TLS 握手失败,出现错误 tls:第一条记录看起来不像 TLS 握手 server=Orderer remoteaddress=192.168.144.4:43496

我不明白问题出在哪里,因为我设置了一切来实现 Raft,从加密 Material 到 docker compose 文件。

这是加密配置模板:

OrdererOrgs:
- Name: Orderer
Domain: APPLICATION_NAME.com
EnableNodeOUs: true
Specs:
- Hostname: orderer
- Hostname: orderer2
- Hostname: orderer3
- Hostname: orderer4
- Hostname: orderer5

PeerOrgs:
- Name: ORG_NAME
Domain: ORG_NAME.APPLICATION_NAME.com
EnableNodeOUs: true

Template: # Number of peers
Count: 2

Users:
Count: 1

这是 configtx 模板:

Organizations:

- &OrdererOrg
Name: OrdererOrg
ID: OrdererMSP
MSPDir: crypto-config/ordererOrganizations/APPLICATION_NAME.com/msp

Policies:
Readers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Writers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Admins:
Type: Signature
Rule: "OR('OrdererMSP.admin')"

- &ORG_NAME
Name: MSP_NAME
ID: MSP_NAME
MSPDir: crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/msp

Policies:
Readers:
Type: Signature
Rule: "OR('MSP_NAME.admin', 'MSP_NAME.peer', 'MSP_NAME.client')"
Writers:
Type: Signature
Rule: "OR('MSP_NAME.admin', 'MSP_NAME.client')"
Admins:
Type: Signature
Rule: "OR('MSP_NAME.admin')"

AnchorPeers:
- Host: peer0.ORG_NAME.APPLICATION_NAME
Port: 7051
- Host: peer1.ORG_NAME.APPLICATION_NAME
Port: 8051

Capabilities:
Channel: &ChannelCapabilities
V1_4_3: true
V1_3: false
V1_1: false

Orderer: &OrdererCapabilities
V1_4_2: true
V1_1: false

Application: &ApplicationCapabilities
V1_4_2: true
V1_3: false
V1_2: false
V1_1: false


Application: &ApplicationDefaults
Organizations:
- *ORG_NAME

Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"

Capabilities:
<<: *ApplicationCapabilities


Orderer: &OrdererDefaults
OrdererType: solo

Addresses:
- orderer.APPLICATION_NAME.com:7050

BatchTimeout: 500ms
BatchSize:
MaxMessageCount: 15
AbsoluteMaxBytes: 99 MB
PreferredMaxBytes: 512 kb

Kafka:
Brokers:
- 127.0.0.1:9092

Organizations:

Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"

Capabilities:
<<: *OrdererCapabilities

Channel: &ChannelDefaults
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"

Capabilities:
<<: *ChannelCapabilities



Profiles:

OneOrgOrdererGenesis:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *ORG_NAME
OneOrgChannel:
<<: *ChannelDefaults
Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *ORG_NAME

SampleMultiNodeEtcdRaft:
<<: *ChannelDefaults
Capabilities:
<<: *ChannelCapabilities
Orderer:
<<: *OrdererDefaults
OrdererType: etcdraft
EtcdRaft:
Consenters:
- Host: orderer.APPLICATION_NAME.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer.APPLICATION_NAME.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer.APPLICATION_NAME.com/tls/server.crt
- Host: orderer2.APPLICATION_NAME.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer2.APPLICATION_NAME.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer2.APPLICATION_NAME.com/tls/server.crt
- Host: orderer3.APPLICATION_NAME.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer3.APPLICATION_NAME.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer3.APPLICATION_NAME.com/tls/server.crt
- Host: orderer4.APPLICATION_NAME.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer4.APPLICATION_NAME.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer4.APPLICATION_NAME.com/tls/server.crt
- Host: orderer5.APPLICATION_NAME.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer5.APPLICATION_NAME.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer5.APPLICATION_NAME.com/tls/server.crt
Addresses:
- orderer.APPLICATION_NAME.com:7050
- orderer2.APPLICATION_NAME.com:7050
- orderer3.APPLICATION_NAME.com:7050
- orderer4.APPLICATION_NAME.com:7050
- orderer5.APPLICATION_NAME.com:7050

Organizations:
- *OrdererOrg
Capabilities:
<<: *OrdererCapabilities
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *ORG_NAME

这是 docker compose:

#
# Copyright IBM Corp All Rights Reserved
#
# SPDX-License-Identifier: Apache-2.0
#

version: '2'

networks:
basic:

services:
ca.ORG_NAME.com:
image: hyperledger/fabric-ca:IMAGETAG
environment:
- FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
- FABRIC_CA_SERVER_CA_NAME=ca.ORG_NAME.com
- FABRIC_CA_SERVER_CA_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.ORG_NAME.APPLICATION_NAME.com-cert.pem
- FABRIC_CA_SERVER_CA_KEYFILE=/etc/hyperledger/fabric-ca-server-config/CERT_AUTH_PRIVATE_KEY
ports:
- "7054:7054"
command: sh -c 'fabric-ca-server start -b admin:adminpw'
restart: always
volumes:
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/ca/:/etc/hyperledger/fabric-ca-server-config
container_name: ca.ORG_NAME.com
networks:
- basic

cli:
container_name: cli
image: hyperledger/fabric-tools:IMAGETAG
tty: true
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- FABRIC_LOGGING_SPEC=info

- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.ORG_NAME.APPLICATION_NAME.com:7051
- CORE_PEER_LOCALMSPID=MSP_NAME
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/users/Admin@ORG_NAME.APPLICATION_NAME.com/msp/

- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer0.ORG_NAME.APPLICATION_NAME.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer0.ORG_NAME.APPLICATION_NAME.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer0.ORG_NAME.APPLICATION_NAME.com/tls/ca.crt

working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
restart: always
volumes:
- /var/run/:/host/var/run/
- ./../chaincode/:/opt/gopath/src/github.com/
- ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- ./config:/etc/hyperledger/configtx/
networks:
- basic

orderer.APPLICATION_NAME.com:
container_name: orderer.APPLICATION_NAME.com
image: hyperledger/fabric-orderer:IMAGETAG
environment:
- FABRIC_LOGGING_SPEC=info
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/etc/hyperledger/configtx/genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/etc/hyperledger/msp/orderer/msp
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/orderer
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_KAFKA_TOPIC_REPLICATIONFACTOR=1
- ORDERER_KAFKA_VERBOSE=true
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/orderer
command: orderer
restart: always
ports:
- 7050:7050
volumes:
- ./config/:/etc/hyperledger/configtx
- ./crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer.APPLICATION_NAME.com/:/etc/hyperledger/msp/orderer
- ./crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer.APPLICATION_NAME.com/tls/:/var/hyperledger/orderer/tls
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer0.ORG_NAME.APPLICATION_NAME.com/:/etc/hyperledger/msp/peer0ORG_NAME
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer1.ORG_NAME.APPLICATION_NAME.com/:/etc/hyperledger/msp/peer1ORG_NAME
# - ./ledgers/orderer.APPLICATION_NAME.com/:/var/hyperledger/production/orderer/
networks:
- basic

orderer2.APPLICATION_NAME.com:
container_name: orderer2.APPLICATION_NAME.com
image: hyperledger/fabric-orderer:IMAGETAG
environment:
- FABRIC_LOGGING_SPEC=info
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/etc/hyperledger/configtx/genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/etc/hyperledger/msp/orderer/msp
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/orderer
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_KAFKA_TOPIC_REPLICATIONFACTOR=1
- ORDERER_KAFKA_VERBOSE=true
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/orderer
command: orderer
restart: always
ports:
- 8050:7050
volumes:
- ./config/:/etc/hyperledger/configtx
- ./crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer2.APPLICATION_NAME.com/:/etc/hyperledger/msp/orderer
- ./crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer2.APPLICATION_NAME.com/tls/:/var/hyperledger/orderer/tls
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer0.ORG_NAME.APPLICATION_NAME.com/:/etc/hyperledger/msp/peer0ORG_NAME
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer1.ORG_NAME.APPLICATION_NAME.com/:/etc/hyperledger/msp/peer1ORG_NAME
# - ./ledgers/orderer.APPLICATION_NAME.com/:/var/hyperledger/production/orderer/
networks:
- basic

orderer3.APPLICATION_NAME.com:
container_name: orderer3.APPLICATION_NAME.com
image: hyperledger/fabric-orderer:IMAGETAG
environment:
- FABRIC_LOGGING_SPEC=info
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/etc/hyperledger/configtx/genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/etc/hyperledger/msp/orderer/msp
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/orderer
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_KAFKA_TOPIC_REPLICATIONFACTOR=1
- ORDERER_KAFKA_VERBOSE=true
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/orderer
command: orderer
restart: always
ports:
- 9050:7050
volumes:
- ./config/:/etc/hyperledger/configtx
- ./crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer3.APPLICATION_NAME.com/:/etc/hyperledger/msp/orderer
- ./crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer3.APPLICATION_NAME.com/tls/:/var/hyperledger/orderer/tls
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer0.ORG_NAME.APPLICATION_NAME.com/:/etc/hyperledger/msp/peer0ORG_NAME
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer1.ORG_NAME.APPLICATION_NAME.com/:/etc/hyperledger/msp/peer1ORG_NAME
# - ./ledgers/orderer.APPLICATION_NAME.com/:/var/hyperledger/production/orderer/
networks:
- basic

orderer4.APPLICATION_NAME.com:
container_name: orderer4.APPLICATION_NAME.com
image: hyperledger/fabric-orderer:IMAGETAG
environment:
- FABRIC_LOGGING_SPEC=info
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/etc/hyperledger/configtx/genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/etc/hyperledger/msp/orderer/msp
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/orderer
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_KAFKA_TOPIC_REPLICATIONFACTOR=1
- ORDERER_KAFKA_VERBOSE=true
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/orderer
command: orderer
restart: always
ports:
- 10050:7050
volumes:
- ./config/:/etc/hyperledger/configtx
- ./crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer4.APPLICATION_NAME.com/:/etc/hyperledger/msp/orderer
- ./crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer4.APPLICATION_NAME.com/tls/:/var/hyperledger/orderer/tls
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer0.ORG_NAME.APPLICATION_NAME.com/:/etc/hyperledger/msp/peer0ORG_NAME
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer1.ORG_NAME.APPLICATION_NAME.com/:/etc/hyperledger/msp/peer1ORG_NAME
# - ./ledgers/orderer.APPLICATION_NAME.com/:/var/hyperledger/production/orderer/
networks:
- basic

orderer5.APPLICATION_NAME.com:
container_name: orderer5.APPLICATION_NAME.com
image: hyperledger/fabric-orderer:IMAGETAG
environment:
- FABRIC_LOGGING_SPEC=info
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/etc/hyperledger/configtx/genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/etc/hyperledger/msp/orderer/msp
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/orderer
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_KAFKA_TOPIC_REPLICATIONFACTOR=1
- ORDERER_KAFKA_VERBOSE=true
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/orderer
command: orderer
restart: always
ports:
- 11050:7050
volumes:
- ./config/:/etc/hyperledger/configtx
- ./crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer5.APPLICATION_NAME.com/:/etc/hyperledger/msp/orderer
- ./crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer5.APPLICATION_NAME.com/tls/:/var/hyperledger/orderer/tls
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer0.ORG_NAME.APPLICATION_NAME.com/:/etc/hyperledger/msp/peer0ORG_NAME
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer1.ORG_NAME.APPLICATION_NAME.com/:/etc/hyperledger/msp/peer1ORG_NAME
# - ./ledgers/orderer.APPLICATION_NAME.com/:/var/hyperledger/production/orderer/
networks:
- basic

peer0.ORG_NAME.APPLICATION_NAME.com:
container_name: peer0.ORG_NAME.APPLICATION_NAME.com
image: hyperledger/fabric-peer:IMAGETAG
environment:
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_PEER_ID=peer0.ORG_NAME.APPLICATION_NAME.com
- CORE_PEER_ADDRESS=peer0.ORG_NAME.APPLICATION_NAME.com:7051
- CORE_PEER_LISTENADDRESS=0.0.0.0:7051
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
- FABRIC_LOGGING_SPEC=info
- CORE_CHAINCODE_LOGGING_LEVEL=info
- CORE_PEER_LOCALMSPID=MSP_NAME
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/peer/
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=COMPOSE_PROJECT_NAME_basic

- CORE_PEER_GOSSIP_BOOTSTRAP=peer1.ORG_NAME.APPLICATION_NAME.com:8051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.ORG_NAME.APPLICATION_NAME.com:7051

- CORE_CHAINCODE_EXECUTETIMEOUT="600s"
- CORE_PEER_GRPCOPTIONS_REQUEST_TIMEOUT="600s"

- CORE_PEER_PROFILE_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt

working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: peer node start
restart: always
# command: peer node start --peer-chaincodedev=true
ports:
- 7051:7051
- 7053:7053
volumes:
- /var/run/:/host/var/run/
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer0.ORG_NAME.APPLICATION_NAME.com/msp:/etc/hyperledger/msp/peer
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/users:/etc/hyperledger/msp/users
- ./config:/etc/hyperledger/configtx
# - ./ledgers/peer0.ORG_NAME.APPLICATION_NAME.com/:/var/hyperledger/production/
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer0.ORG_NAME.APPLICATION_NAME.com/tls:/etc/hyperledger/fabric/tls
depends_on:
- orderer.APPLICATION_NAME.com
networks:
- basic


peer1.ORG_NAME.APPLICATION_NAME.com:
container_name: peer1.ORG_NAME.APPLICATION_NAME.com
image: hyperledger/fabric-peer:IMAGETAG
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: peer node start
restart: always
environment:
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_PEER_ID=peer1.ORG_NAME.APPLICATION_NAME.com
- CORE_PEER_ADDRESS=peer1.ORG_NAME.APPLICATION_NAME.com:8051
- CORE_PEER_LISTENADDRESS=0.0.0.0:8051
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:8052
- FABRIC_LOGGING_SPEC=info
- CORE_CHAINCODE_LOGGING_LEVEL=info
- CORE_PEER_LOCALMSPID=MSP_NAME
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/peer/

- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=${COMPOSE_PROJECT_NAME}_basic

- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.ORG_NAME.APPLICATION_NAME.com:7051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.ORG_NAME.APPLICATION_NAME.com:8051

- CORE_CHAINCODE_EXECUTETIMEOUT="600s"
- CORE_PEER_GRPCOPTIONS_REQUEST_TIMEOUT="600s"

- CORE_PEER_PROFILE_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt

volumes:
- /var/run/:/host/var/run/
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer1.ORG_NAME.APPLICATION_NAME.com/msp:/etc/hyperledger/msp/peer
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/users:/etc/hyperledger/msp/users
- ./config:/etc/hyperledger/configtx
# - ./ledgers/peer1.ORG_NAME.APPLICATION_NAME.com/:/var/hyperledger/production/
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer1.ORG_NAME.APPLICATION_NAME.com/tls:/etc/hyperledger/fabric/tls

depends_on:
- orderer.APPLICATION_NAME.com
ports:
- 8051:8051
networks:
- basic

我知道 docker compose 写得不是很好,我替换了相同的命令和东西,但此时我只想让网络正常运行,接下来重构和重新格式化代码。

为了运行网络,我首先运行生成脚本,其中关键部分是:

  cryptogen generate --config=./crypto-config.yaml
configtxgen -profile SampleMultiNodeEtcdRaft -channelID $CHANNEL_NAME -outputBlock
./config/genesis.block
configtxgen -profile OneOrgChannel -outputCreateChannelTx ./config/channel.tx -channelID $CHANNEL_NAME
configtxgen -profile OneOrgChannel -outputAnchorPeersUpdate ./config/${MSP_NAME}anchors.tx -channelID $CHANNEL_NAME -asOrg $MSP_NAME

接下来,我使用 docker compose 运行我的网络。我没有收到任何错误,一切正常,但如果我看到订购者的日志,我就会收到我所说的错误。当然,如果我还实例化 cli 并尝试创建 channel ,我会收到错误消息,因此我想在继续之前解决这个问题。提前致谢。

来自订购者的一个非常短的日志:

2019-11-27 08:47:24.985 UTC [orderer.consensus.etcdraft] poll -> INFO 240 1 received MsgPreVoteResp from 1 at term 1 channel=beerchannel node=1
2019-11-27 08:47:24.985 UTC [orderer.consensus.etcdraft] campaign -> INFO 241 1 [logterm: 1, index: 5] sent MsgPreVote request to 2 at term 1 channel=beerchannel node=1
2019-11-27 08:47:24.985 UTC [orderer.consensus.etcdraft] campaign -> INFO 242 1 [logterm: 1, index: 5] sent MsgPreVote request to 3 at term 1 channel=beerchannel node=1
2019-11-27 08:47:24.985 UTC [orderer.consensus.etcdraft] campaign -> INFO 243 1 [logterm: 1, index: 5] sent MsgPreVote request to 4 at term 1 channel=beerchannel node=1
2019-11-27 08:47:24.985 UTC [orderer.consensus.etcdraft] campaign -> INFO 244 1 [logterm: 1, index: 5] sent MsgPreVote request to 5 at term 1 channel=beerchannel node=1
2019-11-27 08:47:25.095 UTC [core.comm] ServerHandshake -> ERRO 245 TLS handshake failed with error tls: first record does not look like a TLS handshake server=Orderer remoteaddress=192.168.144.6:42974
2019-11-27 08:47:28.898 UTC [core.comm] ServerHandshake -> ERRO 246 TLS handshake failed with error tls: first record does not look like a TLS handshake server=Orderer remoteaddress=192.168.144.7:58672
2019-11-27 08:47:30.484 UTC [orderer.consensus.etcdraft] Step -> INFO 247 1 is starting a new election at term 1 channel=beerchannel node=1
2019-11-27 08:47:30.485 UTC [orderer.consensus.etcdraft] becomePreCandidate -> INFO 248 1 became pre-candidate at term 1 channel=beerchannel node=1
2019-11-27 08:47:30.485 UTC [orderer.consensus.etcdraft] poll -> INFO 249 1 received MsgPreVoteResp from 1 at term 1 channel=beerchannel node=1

重复多次然后 docker 停止

最佳答案

您的两个对等点都缺少 CORE_PEER_TLS_ENABLED=true

关于ssl - TLS 握手失败,错误为 tls : first record does not look like a TLS handshake server=Orderer remoteaddress=192. 168.144.4:43496,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/59066483/

33 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com