修改身份:未能验证用户是否可以对type'用户作用。
使用HyperLeDFER面料进行一些测试,我正在完成创建具有错误类型的新身份的任务,然后练习修改身份。但是,当我执行时:
fabric-ca-client register \
--id.name peer2 \
--id.affiliation org1 \
--id.type user \
--id.secret 'IAMPEER2!' \
-u http://Org1Administrator:Org1Rocks@localhost:7054
我得到:
2022/04/13 20:16:05 [INFO] Configuration file location:
/etc/hyperledger/fabric-ca-server/fabric-ca-client-config.yaml
Error: Response from server: Error Code: 45 - Failed to verify if user
can act on type 'user': : scode: 403, local code: 42, local msg: 'peer1' is not a registrar,
remote code: 71, remote msg: Authorization failure
我以前能够在没有问题的情况下注册身份。我不明白为什么它不允许我注册类型用户的身份。我已经检查了Fabric-ca-ca-config.yaml,我认为没有限制:
#############################################################################
# Registration section used to register a new identity with fabric-ca server
#
# name - Unique name of the identity
# type - Type of identity being registered (e.g. 'peer, app, user')
# affiliation - The identity's affiliation
# maxenrollments - The maximum number of times the secret can be reused to enroll.
# Specially, -1 means unlimited; 0 means to use CA's max enrollment
# value.
# attributes - List of name/value pairs of attribute for identity
#############################################################################
id:
name:
type:
affiliation:
maxenrollments: 0
attributes:
# - name:
# value:
有什么想法吗?
Doing some testing with Hyperledfer Fabric, I'm doing the task of creating a new identity with a wrong type, to then practice modifying the identity. However, when I execute:
fabric-ca-client register \
--id.name peer2 \
--id.affiliation org1 \
--id.type user \
--id.secret 'IAMPEER2!' \
-u http://Org1Administrator:Org1Rocks@localhost:7054
I get:
2022/04/13 20:16:05 [INFO] Configuration file location:
/etc/hyperledger/fabric-ca-server/fabric-ca-client-config.yaml
Error: Response from server: Error Code: 45 - Failed to verify if user
can act on type 'user': : scode: 403, local code: 42, local msg: 'peer1' is not a registrar,
remote code: 71, remote msg: Authorization failure
I was able to register identity previously with no problems. I don't see why it's not allowing me to register an identity of type user. I've checked fabric-ca-client-config.yaml and I see no restrains to do so:
#############################################################################
# Registration section used to register a new identity with fabric-ca server
#
# name - Unique name of the identity
# type - Type of identity being registered (e.g. 'peer, app, user')
# affiliation - The identity's affiliation
# maxenrollments - The maximum number of times the secret can be reused to enroll.
# Specially, -1 means unlimited; 0 means to use CA's max enrollment
# value.
# attributes - List of name/value pairs of attribute for identity
#############################################################################
id:
name:
type:
affiliation:
maxenrollments: 0
attributes:
# - name:
# value:
Any ideas?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
因此,要检查的关键元素是:
'PEER1'不是I登记官我在Fabric-Ca-server容器中运行,最后一个注册的用户是
类型:Peer,不是管理员。这通常是设置CA服务器时注册的第一个用户。这使我认为上次注册的用户充当当前用户,在该用户下执行后续命令。我不知道这种行为。
So the key element to check was:
'peer1' is not a registrarI was running within the fabric-ca-server container, and the last enrolled user was of
type: peer, not admin.That's usually the first user registered when setting up the CA server. This led me to think that the last enrolled user acts as current user under which subsequent commands are executed. I was not aware of this behavior.