订购者remoteaddress

订购者remoteaddress

关注
发信
关注(28)粉丝(399)

Hyperledger架构:TLS握手失败,并显示远程错误:tls:证书服务器错误=订购者remoteaddress

本文介绍了Hyperledger架构:TLS握手失败,并显示远程错误:tls:证书服务器错误=订购者remoteaddress的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

这似乎是HLF频道创建命令中的常见问题

这是我创建频道的命令

 对等通道创建-o orderer1.workspace:7050 -c base-main-channel -f ./config/channel.tx --tls --cafile/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/base.order/orderers/orderer1.base.order/msp/tlscacerts/tlsca.base.order-cert.pem

我从订单节点收到的错误是

  ERRO 02d TLS握手失败,并显示错误远程错误:tls:错误的证书服务器=订购者remoteaddress = 172.23.0.7:36982

我已经尝试过以下问题的解决方案

但这对我不起作用

我使用的是 raft 订购服务而不是 kafka

这是我的木筏配置

 筏:<< ;: * ChannelDefaults能力:<< ;: * ChannelCapabilities订购者:<< ;: * OrdererDefaults订单类型:etcdraftEtcdRaft:同意者:-主机:orderer.base港口:7050ClientTLSCert:crypto-config/ordererOrganizations/base.order/orderers/orderer1.base.order/tls/server.crtServerTLSCert:crypto-config/ordererOrganizations/base.order/orderers/orderer1.base.order/tls/server.crt地址:-orderer.base:7050
解决方案

您在 peer channel create 命令中使用的-cafile 文件夹路径不正确./p>

代替

 -cafile/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/base.order/orderers/orderer1.base.order/msp/tlscacerts/tlsca.base.订单证书

使用

 -cafile/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/base.order/tlsca/tlsca.base.order-cert.pem

This seems like a common issue in HLF channel creation command

Here is my command to create the channel 

peer channel create -o orderer1.workspace:7050 -c base-main-channel -f ./config/channel.tx --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/base.order/orderers/orderer1.base.order/msp/tlscacerts/tlsca.base.order-cert.pem

The error I am getting from the order node is 

ERRO 02d TLS handshake failed with error remote error: tls: bad certificate server=Orderer remoteaddress=172.23.0.7:36982

I've tried the solution from this question TLS handshake failed with error remote error: tls: bad certificate server=Orderer

But it doesn't work for me

The only difference I am using raft ordering service instead of kafka

Here is my raft config

Raft:
        <<: *ChannelDefaults
        Capabilities:
            <<: *ChannelCapabilities
        Orderer:
            <<: *OrdererDefaults
            OrdererType: etcdraft
            EtcdRaft:
                Consenters:
                - Host: orderer.base
                  Port: 7050
                  ClientTLSCert: crypto-config/ordererOrganizations/base.order/orderers/orderer1.base.order/tls/server.crt
                  ServerTLSCert: crypto-config/ordererOrganizations/base.order/orderers/orderer1.base.order/tls/server.crt
            Addresses:
                - orderer.base:7050
解决方案

You are using the uncorrect folder path for --cafile in your peer channel create command.

Instead of

--cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/base.order/orderers/orderer1.base.order/msp/tlscacerts/tlsca.base.order-cert.pem

Use 

--cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/base.order/tlsca/tlsca.base.order-cert.pem

这篇关于Hyperledger架构:TLS握手失败,并显示远程错误:tls:证书服务器错误=订购者remoteaddress的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-20 15:03
Powered by LMLPHP ©2024 订购者remoteaddress 0.033116