- android - 多次调用 OnPrimaryClipChangedListener
- android - 无法更新 RecyclerView 中的 TextView 字段
- android.database.CursorIndexOutOfBoundsException : Index 0 requested, 光标大小为 0
- android - 使用 AppCompat 时,我们是否需要明确指定其 UI 组件(Spinner、EditText)颜色
我正在与 5 个订购者、1 个组织和 2 个同行建立我的网络。还有 1 个 cli 和 1 个 ca。
我从 1 个排序者扩展到 5 个实现 Raft 的排序者。这就是为什么我想扩展我的网络并对多个对等点发生的情况进行更深入的测试。docker 正在运行,但我在订购者容器中收到一些关于 TLS 的错误:
TLS 握手失败,出现错误 tls:第一条记录看起来不像 TLS 握手 server=Orderer remoteaddress=192.168.144.4:43496
我不明白问题出在哪里,因为我设置了一切来实现 Raft,从加密 Material 到 docker compose 文件。
这是加密配置模板:
OrdererOrgs:
- Name: Orderer
Domain: APPLICATION_NAME.com
EnableNodeOUs: true
Specs:
- Hostname: orderer
- Hostname: orderer2
- Hostname: orderer3
- Hostname: orderer4
- Hostname: orderer5
PeerOrgs:
- Name: ORG_NAME
Domain: ORG_NAME.APPLICATION_NAME.com
EnableNodeOUs: true
Template: # Number of peers
Count: 2
Users:
Count: 1
这是 configtx 模板:
Organizations:
- &OrdererOrg
Name: OrdererOrg
ID: OrdererMSP
MSPDir: crypto-config/ordererOrganizations/APPLICATION_NAME.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Writers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Admins:
Type: Signature
Rule: "OR('OrdererMSP.admin')"
- &ORG_NAME
Name: MSP_NAME
ID: MSP_NAME
MSPDir: crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('MSP_NAME.admin', 'MSP_NAME.peer', 'MSP_NAME.client')"
Writers:
Type: Signature
Rule: "OR('MSP_NAME.admin', 'MSP_NAME.client')"
Admins:
Type: Signature
Rule: "OR('MSP_NAME.admin')"
AnchorPeers:
- Host: peer0.ORG_NAME.APPLICATION_NAME
Port: 7051
- Host: peer1.ORG_NAME.APPLICATION_NAME
Port: 8051
Capabilities:
Channel: &ChannelCapabilities
V1_4_3: true
V1_3: false
V1_1: false
Orderer: &OrdererCapabilities
V1_4_2: true
V1_1: false
Application: &ApplicationCapabilities
V1_4_2: true
V1_3: false
V1_2: false
V1_1: false
Application: &ApplicationDefaults
Organizations:
- *ORG_NAME
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ApplicationCapabilities
Orderer: &OrdererDefaults
OrdererType: solo
Addresses:
- orderer.APPLICATION_NAME.com:7050
BatchTimeout: 500ms
BatchSize:
MaxMessageCount: 15
AbsoluteMaxBytes: 99 MB
PreferredMaxBytes: 512 kb
Kafka:
Brokers:
- 127.0.0.1:9092
Organizations:
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
Capabilities:
<<: *OrdererCapabilities
Channel: &ChannelDefaults
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ChannelCapabilities
Profiles:
OneOrgOrdererGenesis:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *ORG_NAME
OneOrgChannel:
<<: *ChannelDefaults
Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *ORG_NAME
SampleMultiNodeEtcdRaft:
<<: *ChannelDefaults
Capabilities:
<<: *ChannelCapabilities
Orderer:
<<: *OrdererDefaults
OrdererType: etcdraft
EtcdRaft:
Consenters:
- Host: orderer.APPLICATION_NAME.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer.APPLICATION_NAME.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer.APPLICATION_NAME.com/tls/server.crt
- Host: orderer2.APPLICATION_NAME.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer2.APPLICATION_NAME.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer2.APPLICATION_NAME.com/tls/server.crt
- Host: orderer3.APPLICATION_NAME.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer3.APPLICATION_NAME.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer3.APPLICATION_NAME.com/tls/server.crt
- Host: orderer4.APPLICATION_NAME.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer4.APPLICATION_NAME.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer4.APPLICATION_NAME.com/tls/server.crt
- Host: orderer5.APPLICATION_NAME.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer5.APPLICATION_NAME.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer5.APPLICATION_NAME.com/tls/server.crt
Addresses:
- orderer.APPLICATION_NAME.com:7050
- orderer2.APPLICATION_NAME.com:7050
- orderer3.APPLICATION_NAME.com:7050
- orderer4.APPLICATION_NAME.com:7050
- orderer5.APPLICATION_NAME.com:7050
Organizations:
- *OrdererOrg
Capabilities:
<<: *OrdererCapabilities
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *ORG_NAME
这是 docker compose:
#
# Copyright IBM Corp All Rights Reserved
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
networks:
basic:
services:
ca.ORG_NAME.com:
image: hyperledger/fabric-ca:IMAGETAG
environment:
- FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
- FABRIC_CA_SERVER_CA_NAME=ca.ORG_NAME.com
- FABRIC_CA_SERVER_CA_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.ORG_NAME.APPLICATION_NAME.com-cert.pem
- FABRIC_CA_SERVER_CA_KEYFILE=/etc/hyperledger/fabric-ca-server-config/CERT_AUTH_PRIVATE_KEY
ports:
- "7054:7054"
command: sh -c 'fabric-ca-server start -b admin:adminpw'
restart: always
volumes:
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/ca/:/etc/hyperledger/fabric-ca-server-config
container_name: ca.ORG_NAME.com
networks:
- basic
cli:
container_name: cli
image: hyperledger/fabric-tools:IMAGETAG
tty: true
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- FABRIC_LOGGING_SPEC=info
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.ORG_NAME.APPLICATION_NAME.com:7051
- CORE_PEER_LOCALMSPID=MSP_NAME
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/users/Admin@ORG_NAME.APPLICATION_NAME.com/msp/
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer0.ORG_NAME.APPLICATION_NAME.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer0.ORG_NAME.APPLICATION_NAME.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer0.ORG_NAME.APPLICATION_NAME.com/tls/ca.crt
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
restart: always
volumes:
- /var/run/:/host/var/run/
- ./../chaincode/:/opt/gopath/src/github.com/
- ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- ./config:/etc/hyperledger/configtx/
networks:
- basic
orderer.APPLICATION_NAME.com:
container_name: orderer.APPLICATION_NAME.com
image: hyperledger/fabric-orderer:IMAGETAG
environment:
- FABRIC_LOGGING_SPEC=info
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/etc/hyperledger/configtx/genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/etc/hyperledger/msp/orderer/msp
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/orderer
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_KAFKA_TOPIC_REPLICATIONFACTOR=1
- ORDERER_KAFKA_VERBOSE=true
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/orderer
command: orderer
restart: always
ports:
- 7050:7050
volumes:
- ./config/:/etc/hyperledger/configtx
- ./crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer.APPLICATION_NAME.com/:/etc/hyperledger/msp/orderer
- ./crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer.APPLICATION_NAME.com/tls/:/var/hyperledger/orderer/tls
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer0.ORG_NAME.APPLICATION_NAME.com/:/etc/hyperledger/msp/peer0ORG_NAME
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer1.ORG_NAME.APPLICATION_NAME.com/:/etc/hyperledger/msp/peer1ORG_NAME
# - ./ledgers/orderer.APPLICATION_NAME.com/:/var/hyperledger/production/orderer/
networks:
- basic
orderer2.APPLICATION_NAME.com:
container_name: orderer2.APPLICATION_NAME.com
image: hyperledger/fabric-orderer:IMAGETAG
environment:
- FABRIC_LOGGING_SPEC=info
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/etc/hyperledger/configtx/genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/etc/hyperledger/msp/orderer/msp
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/orderer
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_KAFKA_TOPIC_REPLICATIONFACTOR=1
- ORDERER_KAFKA_VERBOSE=true
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/orderer
command: orderer
restart: always
ports:
- 8050:7050
volumes:
- ./config/:/etc/hyperledger/configtx
- ./crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer2.APPLICATION_NAME.com/:/etc/hyperledger/msp/orderer
- ./crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer2.APPLICATION_NAME.com/tls/:/var/hyperledger/orderer/tls
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer0.ORG_NAME.APPLICATION_NAME.com/:/etc/hyperledger/msp/peer0ORG_NAME
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer1.ORG_NAME.APPLICATION_NAME.com/:/etc/hyperledger/msp/peer1ORG_NAME
# - ./ledgers/orderer.APPLICATION_NAME.com/:/var/hyperledger/production/orderer/
networks:
- basic
orderer3.APPLICATION_NAME.com:
container_name: orderer3.APPLICATION_NAME.com
image: hyperledger/fabric-orderer:IMAGETAG
environment:
- FABRIC_LOGGING_SPEC=info
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/etc/hyperledger/configtx/genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/etc/hyperledger/msp/orderer/msp
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/orderer
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_KAFKA_TOPIC_REPLICATIONFACTOR=1
- ORDERER_KAFKA_VERBOSE=true
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/orderer
command: orderer
restart: always
ports:
- 9050:7050
volumes:
- ./config/:/etc/hyperledger/configtx
- ./crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer3.APPLICATION_NAME.com/:/etc/hyperledger/msp/orderer
- ./crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer3.APPLICATION_NAME.com/tls/:/var/hyperledger/orderer/tls
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer0.ORG_NAME.APPLICATION_NAME.com/:/etc/hyperledger/msp/peer0ORG_NAME
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer1.ORG_NAME.APPLICATION_NAME.com/:/etc/hyperledger/msp/peer1ORG_NAME
# - ./ledgers/orderer.APPLICATION_NAME.com/:/var/hyperledger/production/orderer/
networks:
- basic
orderer4.APPLICATION_NAME.com:
container_name: orderer4.APPLICATION_NAME.com
image: hyperledger/fabric-orderer:IMAGETAG
environment:
- FABRIC_LOGGING_SPEC=info
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/etc/hyperledger/configtx/genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/etc/hyperledger/msp/orderer/msp
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/orderer
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_KAFKA_TOPIC_REPLICATIONFACTOR=1
- ORDERER_KAFKA_VERBOSE=true
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/orderer
command: orderer
restart: always
ports:
- 10050:7050
volumes:
- ./config/:/etc/hyperledger/configtx
- ./crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer4.APPLICATION_NAME.com/:/etc/hyperledger/msp/orderer
- ./crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer4.APPLICATION_NAME.com/tls/:/var/hyperledger/orderer/tls
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer0.ORG_NAME.APPLICATION_NAME.com/:/etc/hyperledger/msp/peer0ORG_NAME
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer1.ORG_NAME.APPLICATION_NAME.com/:/etc/hyperledger/msp/peer1ORG_NAME
# - ./ledgers/orderer.APPLICATION_NAME.com/:/var/hyperledger/production/orderer/
networks:
- basic
orderer5.APPLICATION_NAME.com:
container_name: orderer5.APPLICATION_NAME.com
image: hyperledger/fabric-orderer:IMAGETAG
environment:
- FABRIC_LOGGING_SPEC=info
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/etc/hyperledger/configtx/genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/etc/hyperledger/msp/orderer/msp
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/orderer
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_KAFKA_TOPIC_REPLICATIONFACTOR=1
- ORDERER_KAFKA_VERBOSE=true
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/orderer
command: orderer
restart: always
ports:
- 11050:7050
volumes:
- ./config/:/etc/hyperledger/configtx
- ./crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer5.APPLICATION_NAME.com/:/etc/hyperledger/msp/orderer
- ./crypto-config/ordererOrganizations/APPLICATION_NAME.com/orderers/orderer5.APPLICATION_NAME.com/tls/:/var/hyperledger/orderer/tls
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer0.ORG_NAME.APPLICATION_NAME.com/:/etc/hyperledger/msp/peer0ORG_NAME
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer1.ORG_NAME.APPLICATION_NAME.com/:/etc/hyperledger/msp/peer1ORG_NAME
# - ./ledgers/orderer.APPLICATION_NAME.com/:/var/hyperledger/production/orderer/
networks:
- basic
peer0.ORG_NAME.APPLICATION_NAME.com:
container_name: peer0.ORG_NAME.APPLICATION_NAME.com
image: hyperledger/fabric-peer:IMAGETAG
environment:
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_PEER_ID=peer0.ORG_NAME.APPLICATION_NAME.com
- CORE_PEER_ADDRESS=peer0.ORG_NAME.APPLICATION_NAME.com:7051
- CORE_PEER_LISTENADDRESS=0.0.0.0:7051
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
- FABRIC_LOGGING_SPEC=info
- CORE_CHAINCODE_LOGGING_LEVEL=info
- CORE_PEER_LOCALMSPID=MSP_NAME
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/peer/
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=COMPOSE_PROJECT_NAME_basic
- CORE_PEER_GOSSIP_BOOTSTRAP=peer1.ORG_NAME.APPLICATION_NAME.com:8051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.ORG_NAME.APPLICATION_NAME.com:7051
- CORE_CHAINCODE_EXECUTETIMEOUT="600s"
- CORE_PEER_GRPCOPTIONS_REQUEST_TIMEOUT="600s"
- CORE_PEER_PROFILE_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: peer node start
restart: always
# command: peer node start --peer-chaincodedev=true
ports:
- 7051:7051
- 7053:7053
volumes:
- /var/run/:/host/var/run/
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer0.ORG_NAME.APPLICATION_NAME.com/msp:/etc/hyperledger/msp/peer
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/users:/etc/hyperledger/msp/users
- ./config:/etc/hyperledger/configtx
# - ./ledgers/peer0.ORG_NAME.APPLICATION_NAME.com/:/var/hyperledger/production/
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer0.ORG_NAME.APPLICATION_NAME.com/tls:/etc/hyperledger/fabric/tls
depends_on:
- orderer.APPLICATION_NAME.com
networks:
- basic
peer1.ORG_NAME.APPLICATION_NAME.com:
container_name: peer1.ORG_NAME.APPLICATION_NAME.com
image: hyperledger/fabric-peer:IMAGETAG
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: peer node start
restart: always
environment:
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_PEER_ID=peer1.ORG_NAME.APPLICATION_NAME.com
- CORE_PEER_ADDRESS=peer1.ORG_NAME.APPLICATION_NAME.com:8051
- CORE_PEER_LISTENADDRESS=0.0.0.0:8051
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:8052
- FABRIC_LOGGING_SPEC=info
- CORE_CHAINCODE_LOGGING_LEVEL=info
- CORE_PEER_LOCALMSPID=MSP_NAME
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/peer/
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=${COMPOSE_PROJECT_NAME}_basic
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.ORG_NAME.APPLICATION_NAME.com:7051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.ORG_NAME.APPLICATION_NAME.com:8051
- CORE_CHAINCODE_EXECUTETIMEOUT="600s"
- CORE_PEER_GRPCOPTIONS_REQUEST_TIMEOUT="600s"
- CORE_PEER_PROFILE_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
volumes:
- /var/run/:/host/var/run/
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer1.ORG_NAME.APPLICATION_NAME.com/msp:/etc/hyperledger/msp/peer
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/users:/etc/hyperledger/msp/users
- ./config:/etc/hyperledger/configtx
# - ./ledgers/peer1.ORG_NAME.APPLICATION_NAME.com/:/var/hyperledger/production/
- ./crypto-config/peerOrganizations/ORG_NAME.APPLICATION_NAME.com/peers/peer1.ORG_NAME.APPLICATION_NAME.com/tls:/etc/hyperledger/fabric/tls
depends_on:
- orderer.APPLICATION_NAME.com
ports:
- 8051:8051
networks:
- basic
我知道 docker compose 写得不是很好,我替换了相同的命令和东西,但此时我只想让网络正常运行,接下来重构和重新格式化代码。
为了运行网络,我首先运行生成脚本,其中关键部分是:
cryptogen generate --config=./crypto-config.yaml
configtxgen -profile SampleMultiNodeEtcdRaft -channelID $CHANNEL_NAME -outputBlock
./config/genesis.block
configtxgen -profile OneOrgChannel -outputCreateChannelTx ./config/channel.tx -channelID $CHANNEL_NAME
configtxgen -profile OneOrgChannel -outputAnchorPeersUpdate ./config/${MSP_NAME}anchors.tx -channelID $CHANNEL_NAME -asOrg $MSP_NAME
接下来,我使用 docker compose 运行我的网络。我没有收到任何错误,一切正常,但如果我看到订购者的日志,我就会收到我所说的错误。当然,如果我还实例化 cli 并尝试创建 channel ,我会收到错误消息,因此我想在继续之前解决这个问题。提前致谢。
来自订购者的一个非常短的日志:
2019-11-27 08:47:24.985 UTC [orderer.consensus.etcdraft] poll -> INFO 240 1 received MsgPreVoteResp from 1 at term 1 channel=beerchannel node=1
2019-11-27 08:47:24.985 UTC [orderer.consensus.etcdraft] campaign -> INFO 241 1 [logterm: 1, index: 5] sent MsgPreVote request to 2 at term 1 channel=beerchannel node=1
2019-11-27 08:47:24.985 UTC [orderer.consensus.etcdraft] campaign -> INFO 242 1 [logterm: 1, index: 5] sent MsgPreVote request to 3 at term 1 channel=beerchannel node=1
2019-11-27 08:47:24.985 UTC [orderer.consensus.etcdraft] campaign -> INFO 243 1 [logterm: 1, index: 5] sent MsgPreVote request to 4 at term 1 channel=beerchannel node=1
2019-11-27 08:47:24.985 UTC [orderer.consensus.etcdraft] campaign -> INFO 244 1 [logterm: 1, index: 5] sent MsgPreVote request to 5 at term 1 channel=beerchannel node=1
2019-11-27 08:47:25.095 UTC [core.comm] ServerHandshake -> ERRO 245 TLS handshake failed with error tls: first record does not look like a TLS handshake server=Orderer remoteaddress=192.168.144.6:42974
2019-11-27 08:47:28.898 UTC [core.comm] ServerHandshake -> ERRO 246 TLS handshake failed with error tls: first record does not look like a TLS handshake server=Orderer remoteaddress=192.168.144.7:58672
2019-11-27 08:47:30.484 UTC [orderer.consensus.etcdraft] Step -> INFO 247 1 is starting a new election at term 1 channel=beerchannel node=1
2019-11-27 08:47:30.485 UTC [orderer.consensus.etcdraft] becomePreCandidate -> INFO 248 1 became pre-candidate at term 1 channel=beerchannel node=1
2019-11-27 08:47:30.485 UTC [orderer.consensus.etcdraft] poll -> INFO 249 1 received MsgPreVoteResp from 1 at term 1 channel=beerchannel node=1
重复多次然后 docker 停止
最佳答案
您的两个对等点都缺少 CORE_PEER_TLS_ENABLED=true
。
关于ssl - TLS 握手失败,错误为 tls : first record does not look like a TLS handshake server=Orderer remoteaddress=192. 168.144.4:43496,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/59066483/
是否可以使用 OpenSSL 或其他工具通过 TLS 建立 TLS 连接? 如果可能,每个级别的证书是否需要不同? 最佳答案 这在理论上应该工作得很好,但我不能确定 OpenSSL 或其他东西是否会轻
在我的 java 代码中,我正在使用命令创建 SSL 上下文的一个实例 SSLContext ctx = SSLContext.getInstance("TLS"); 但是在我的 tomcat 服务器
在我的 java 代码中,我正在使用命令创建一个 SSL 上下文实例 SSLContext ctx = SSLContext.getInstance("TLS"); 但在我的 tomcat 服务器中,
范围:这是一个具有一个 channel 的网络,该 channel 由 3 个组织组成,每个组织 1 个 anchor 节点,每个组织 1 个 CA 和每个组织 1 个 MSP。 我在我的 Hyper
无法找到用于在 iis 上启用/禁用 tls 的特定设置。启用/禁用 ssl 是否与启用/禁用 tls 相同? 我浏览了一些博客,发现 SSL 是 TLS 的前身,旧版本的 SSL 已被弃用。但我无法
最近,我一直在为基于物联网的项目评估不同的 API 网关 (API GW) 选项。这样做的目的是找到一个足够好的解决方案来执行设备和 API GW 的相互 TLS (mTLS) 身份验证。 我尝试过的
几个月来,我的 Web 应用程序在不同版本的 IE/Firefox/Chrome 上运行良好。我的应用程序在 IIS 10.0 上运行。当我从 Windows 7 框 (IE 11.0.***) 中点
我有一个在 Java 7 上运行的 HTTPS 网络服务。我需要进行更改,以便此服务仅接受 TLS1.2 连接并拒绝 SSL3、TLS1.0 和 TLS1.1。 我添加了以下 Java 参数,使 TL
我在资源管理器不显示网站时遇到问题:“无法显示此页面。在高级设置中打开 TLS 1.0、TLS 1.1 和 TLS 1.2”。 我在 chrome 中调试了证书并说“连接是使用 aes_128_cbc
我正在与 5 个订购者、1 个组织和 2 个同行建立我的网络。还有 1 个 cli 和 1 个 ca。 我从 1 个排序者扩展到 5 个实现 Raft 的排序者。这就是为什么我想扩展我的网络并对多个对
当k8s集群开启了TLS认证后,每个节点的kubelet组件都要使用由kube-apiserver的CA签发的有效证书才能与kube-apiserver通信;当节点非常多的时候,为每个节点都单独签署证
我正在尝试使用 pjsip 安装中的 pjsua 程序在两个虚拟机之间进行安全调用。我通过以下方式在每个节点上启动程序: pjsua-x86_64-unknown-linux-gnu --use-tl
我开发的软件应用程序使用 gRPC 在客户端和服务器之间建立双向流。 我只在 java 中寻找类似于这张票的答案的东西:How to enable server side SSL for gRPC?
我正在尝试调试与 TLS 相关的问题。TLS 在两个应用程序客户端 A 和服务器 B 之间设置。A 和 B 都交换了证书,我已经验证证书具有正确的扩展名,并且还通过其根 CA 成功验证。叶证书的根 C
“Java 1.7 TLS 1.1 服务器”和“Java 1.8 客户端”之间的 SSL/TLS 握手在我的环境中失败,服务器端出现以下异常: java.security.NoSuchAlgorith
我正在尝试了解 Docker ,但我不断收到神秘的(对我而言)错误消息。 可能最简单的例子是尝试打印我安装的 Docker 版本: $ sudo docker version Client versi
这是我第一次使用 Amazon Lighsail、Wordpress Multisite、Bitnami甚至使用 Let's Encrypt;现在似乎一切正常,除了我的虚拟主机文件中的 SSL 指令。
我有一个 MariaDB "M"。在同一台机器上有一个应用程序“A”,它可以访问它。在不同的服务器上,另一个应用程序“B”也在访问它。 现在我想在 MariaDB 上启用 TLS 以保护连接 B ->
我正在寻找通过代理连接到一些 HTTPS/TLS 站点,其中到代理本身的连接也是通过 HTTPS/TLS 建立的,来自一个高度依赖请求的 python 应用程序。 urllib3(因此 request
现在我正在努力改变 EMQtt 和 Erlang MQTT 代理,以便我可以使用预共享 key 而不是非对称方法执行 TLS 握手。 到目前为止,我几乎遍历了源代码中的每个文件,但找不到任何加密函数。
我是一名优秀的程序员,十分优秀!