
CAs, Enrollment, Registration for Hyperledger Fabric

I was studying Hyperledger Fabric and running sample code. I am still trying to get the correct picture of how things work, especially in the user/admin registration and enrollment using certificates and crypto materials.

I want to know how the following work:

1) Register

2) Enrollment

3) User and admin context

Another thing I am confused about is the certificates or CAs. To use the blockchain network, how do I use my own/3rd-party certificates of x509 type? Is it even possible?

In the BYFN sample in the Hyperledger Fabric docs, the certificate is generated using the cryptogen tool and used to verify with the MSP for blockchain participation.

How does it work in a real-world or business application scenario?

Thanks

asked Apr 19 '18 09:04

Skadoosh


1 Answer

The cryptogen tool is not production ready; it is advised to use the Fabric CA or certificates from a 3rd-party tool, like you mentioned.

Below are the steps to take to register and enroll a new user using the default parameters for the Fabric CA:

Make sure your CA is deployed and started using:

fabric-ca-server start -b admin:adminpw -d

Then you can enroll the default admin identity using:

fabric-ca-client enroll -u "http://admin:adminpw@localhost:7054"

With the admin now enrolled, we can register our first user:

fabric-ca-client register -u "http://localhost:7054" --id.name "demoblockchain" --id.secret "demo" --id.type "client" --id.affiliation "org1.department1"

  • -u is the shorthand flag for the URL of our CA.
  • --id.name is the name of our user.
  • --id.secret is the password for the user.
  • --id.type is the type of user (client, peer, orderer, validator, auditor, ca).
  • --id.affiliation determines who the user belongs to.

Now that we have the user registered with the CA, we need to enroll the new user.

fabric-ca-client enroll -u "http://demoblockchain:demo@localhost:7054"

The output of this command will give you the list of certificates and where they have been stored.

I hope this helps with the flow of registration and enrollment!

answered Sep 28 '22 18:09

smeyers
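
An added example, not part of the answer above or of Fabric CA: a small shell check that flags enrollment URLs which send the enrollment ID and secret over plain HTTP, reuse the sample bootstrap identity admin:adminpw, or carry a short secret. The helper name audit_enroll_url, the finding labels and the 12-character minimum are assumptions chosen for illustration.

```shell
# Added example: lint a fabric-ca-client URL before using it outside a sandbox.
# audit_enroll_url is a hypothetical helper, not a Fabric CA command.
# MIN_SECRET_LEN is an assumed policy value, not a Fabric CA default.
MIN_SECRET_LEN=12

# Prints space-separated findings (or "ok"); returns 0 only when clean.
audit_enroll_url() (
    url=$1
    findings=""
    add() { findings="${findings}${findings:+ }$1"; }

    # enroll sends the ID and secret as HTTP Basic auth; without TLS
    # they cross the network in the clear.
    case $url in
        https://*) ;;
        *) add cleartext-transport ;;
    esac

    rest=${url#*://}
    case $rest in
        *@*)
            userinfo=${rest%@*}          # text before the last '@'
            case $userinfo in
                *:*) secret=${userinfo#*:} ;;
                *)   secret="" ;;
            esac
            # admin:adminpw is the bootstrap identity from the answer's
            # "fabric-ca-server start -b admin:adminpw" command.
            if [ "$userinfo" = "admin:adminpw" ]; then
                add sample-bootstrap-credentials
            fi
            if [ "${#secret}" -lt "$MIN_SECRET_LEN" ]; then
                add short-secret
            fi
            ;;
    esac

    printf '%s\n' "${findings:-ok}"
    [ -z "$findings" ]
)

# The first three URLs are the ones used in the answer; the last is constructed.
for u in \
    "http://admin:adminpw@localhost:7054" \
    "http://localhost:7054" \
    "http://demoblockchain:demo@localhost:7054" \
    "https://demoblockchain:Xq7-constructed-secret-91@ca.example.test:7054"
do
    printf '%-72s %s\n' "$u" "$(audit_enroll_url "$u")"
done
```

To clear the transport finding, Fabric CA can serve TLS (`--tls.enabled` on the server), with the client pointed at the CA's TLS certificate through `--tls.certfiles`.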