Menu
Hello I am tryin to use hyperledger fabric for a block chain implementation. I did the first-network demo and found lot of certificates in it. I have tried arranging them hierarchically in below picture.
I Have some questions related to them
TIA.
588
Every operation in Hyperledger must be signed cryptographically with certificates. You can generate certificates yourself using OpenSSL or by using third party. Before moving further into details of CA lets first explore Hyperledger Fabric a little.
A certificate revocation list (CRL) is a list of digital certificates that have been revoked by the issuing certificate authority (CA) before their actual or assigned expiration date.
Fabric supports for secure communication between nodes using TLS. TLS communication can use both one-way (server only) and two-way (server and client) authentication.
On Fabric, registration and enrollment are the same for X.509 Certificates and TLS Certificates. Hyperledger Fabric implements two types of certificates: 1) Enrollment Certificates for identities and 2) TLS Certificates for node and client communications.
A Hyperledger Fabric certification can help you prove your skills to the respected authorities. In an interview, you can showcase your certificate and claim that you are skilled on the said topic. As a result, you have a greater chance of landing the job than other participants.
Client Certificates expire after one year, using the Hyperledger Fabric CA default settings. Client Certificates can be re-enrolled using either command line Hyperledger Fabric CA utilities or the Fabric CA client SDK.
Hyperledger partnered with The Linux Foundation to create blockchain professional certification programs. Certified Hyperledger Fabric Administrator The Certified Hyperledger Fabric Administrator (CHFA) will be able to to install, configure, operate, manage, and troubleshoot the nodes on a secure commercial Hyperledger Fabric network.
First of all thanks for creating the tree for the same.
I am a beginner in the hyperledger but what i understand from the hyperledger document that each Organization requires a unique root certificate (ca-cert), that binds specific components (peers and orderers) to that organization. Transactions and communications within Fabric are signed by an entity's private key (keystore), and then verified by means of a public key (signcerts).
As different organization also required to communicate or share their ledger so there is need of CA or MSP on organization level. Within each organization we can have multiple peers so we need certification for these peers too. Even peers from different organizations can join each other so signcerts(for authenticating) and TLScerts(for a secure handshake).
To have a look how these are generate i suggest you to Manually generate the artifacts
http://hyperledger-fabric.readthedocs.io/en/latest/build_network.html
and see the different certs in the folders inside as you created them.
152
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
