Hyperledger Fabric CA server setup error with IP SANs

Posted on 2025-01-12 00:05:44

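I am trying to set up a blockchain network with two organizations, each having two peers. I generated the crypto material using the fabric-ca-server-client command after setting up separate CAs for org1, org2 and the orderer organization. All peers and orderers are running in different containers in a single VM. The issue is about IP SANs.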

# Register peer0 certificates now
fabric-ca-client register --caname ca.org1.example.com --csr.cn peer0.org1.example.com --csr.names 'O=org1,OU=peer,C=IN,ST=Telangana' --id.name peer0 --id.secret peer0pw --id.type peer --id.attrs '"hf.Registrar.Roles=peer"' --tls.certfiles ${FABRIC_CA_CLIENT_HOME}/ca/tls-ca-org1-example-com-cert.pem

# Enroll peer0 certificates now which stores crypto material for peer0 in msp folder
fabric-ca-client enroll -u https://peer0:peer0pw@localhost:7060 --caname ca.org1.example.com --csr.cn peer0.org1.example.com --csr.names 'O=org1,OU=peer,C=IN,ST=Telangana' -M ${FABRIC_CA_CLIENT_HOME}/peers/peer0.org1.example.com/msp --csr.hosts peer0.org1.example.com --tls.certfiles ${FABRIC_CA_CLIENT_HOME}/ca/tls-ca-org1-example-com-cert.pem

I am getting the error below when running docker logs peer0.org1.example.com:

2022-03-05 08:49:11.635 UTC [grpc] Warningf -> DEBU 04f grpc: addrConn.createTransport failed to connect to {127.0.0.1:7051  <nil> 0 <nil>}. Err: connection error: desc = "transport: authentication handshake failed: x509: cannot validate certificate for 127.0.0.1 because it doesn't contain any IP SANs". Reconnecting...
2022-03-05 08:49:11.636 UTC [grpc] Infof -> DEBU 052 Subchannel Connectivity change to TRANSIENT_FAILURE
2022-03-05 08:49:11.636 UTC [grpc] UpdateSubConnState -> DEBU 053 pickfirstBalancer: HandleSubConnStateChange: 0xc002ae4e40, {TRANSIENT_FAILURE connection error: desc = "transport: authentication handshake failed: x509: cannot validate certificate for 127.0.0.1 because it doesn't contain any IP SANs"}
2022-03-05 08:49:11.636 UTC [grpc] Infof -> DEBU 054 Channel Connectivity change to TRANSIENT_FAILURE
2022-03-05 08:49:11.635 UTC [core.comm] ServerHandshake -> ERRO 050 Server TLS handshake failed in 945.487µs with error remote error: tls: bad certificate server=PeerServer remoteaddress=127.0.0.1:38460
2022-03-05 08:49:11.637 UTC [grpc] Warningf -> DEBU 055 grpc: Server.Serve failed to complete security handshake from "127.0.0.1:38460": remote error: tls: bad certificate
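
The hostname check behind the x509 message in the log above, reproduced with Go's crypto/x509 as an added example (not part of the original post and not Fabric CA code). It uses constructed, self-signed test certificates; the function name `issue` and the extra SAN entries `localhost` and `127.0.0.1` are assumptions made for the comparison.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"fmt"
	"math/big"
	"net"
	"time"
)

// issue builds a constructed, self-signed test certificate (hypothetical helper).
// A host that parses as an IP becomes an IP SAN; any other entry becomes a DNS SAN.
func issue(hosts ...string) (*x509.Certificate, error) {
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1),
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour)}
	for _, h := range hosts {
		if ip := net.ParseIP(h); ip != nil {
			tmpl.IPAddresses = append(tmpl.IPAddresses, ip)
		} else {
			tmpl.DNSNames = append(tmpl.DNSNames, h)
		}
	}
	pub, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// main prints the verdict of Go's hostname check per dial address; <nil> means covered.
func main() {
	addrs := []string{"peer0.org1.example.com", "localhost", "127.0.0.1"}
	for _, sans := range [][]string{addrs[:1], addrs} { // first list = the post's --csr.hosts
		c, err := issue(sans...)
		if err != nil {
			panic(err)
		}
		for _, a := range addrs {
			fmt.Printf("SANs %v, dial %s: %v\n", sans, a, c.VerifyHostname(a))
		}
	}
}
```

With only the DNS name in the certificate, dialing 127.0.0.1 yields the same "doesn't contain any IP SANs" error seen in the peer log, while the hostname itself verifies.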
