Menu
I was studying Hyperledger Fabric and running sample codes . I am still trying to get the correct picture of how things work ,especially in the user/admin registration and enrollment using certificates and crypt materials.
I want to know how the following work .
1)Register
2)enrollment
3)user and admincontext .
Another thing i am confused about is the certificates or CAs. To use the blockchain network how to use my own/3rd party certificates of x509 type . Is it even possible . ?
In the BYFN sample in hyperledger fabric docs ,certificate is generated using the cryptogen tool and used to verify with the MSP for blockchain participation.
How does it work in a real world or a business application scenario .
THANKS
230
The Hyperledger Fabric CA is a Certificate Authority (CA) for Hyperledger Fabric. It provides features such as: registration of identities, or connects to LDAP as the user registry. issuance of Enrollment Certificates (ECerts) certificate renewal and revocation.
Generating Crypto Material using Cryptogen. Hyperledger Fabric provides a tool that crypto material can be generated with minimum configuration. The tool is bin/cryptogen . Working with a configuration file, the crypto material of Test Network is generated and the result is kept as the directory structure shown above.
Certificate Authority The CA also issues an enrollment certificate (eCert) to each member component, server-side applications and occasionally users. Each enrolled user is also granted an allocation of transaction certificates (tCerts). Each tCert authorizes one network transaction.
The cryptogen tool is not production ready, it is advised to use the Fabric CA or certificates from a 3rd party tool, like you mentioned.
Below our steps to take to register and enroll a new user using the default parameters for the Fabric CA:
Make sure your CA is deployed and started using:
fabric-ca-server start -b admin:adminpw -d
Then you can enroll the default admin identity using:
fabric-ca-client enroll -u "http://admin:adminpw@localhost:7054"
With the admin now enrolled, we can register our first user:
fabric-ca-client register -u "http://localhost:7054" --id.name "demoblockchain" --id.secret "demo" --id.type "client" --id.affiliation "org1.department1"
Now that we have the user registered with the CA, we need to enroll the new user.
fabric-ca-client enroll -u "http://demoblockchain:demo@localhost:7054"
The output of this command will give you the list of certificates and where they have been stored.
I hope this helps with the flow of registration and enrollment!
135
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
