我正在尝试使用Hyperledger Fabric Go SDK与basic-networkfrom连接,但fabric-samples我不断收到此错误
2018-08-18 07:23:49.859 UTC [policies] Evaluate -> DEBU 3c4 == Evaluating *cauthdsl.policy Policy /Channel/Application/Org1MSP/Admins ==
2018-08-18 07:23:49.859 UTC [cauthdsl] deduplicate -> ERRO 3c5 Principal deserialization failure (MSP org1.example.com is unknown) for identity 0a106f7267312e6578616d706c652e636f6d1296062d2d2d2d2d424547494e2043455254494649434154452d2d2d2d2d0a4d494943476a4343416343674177494241674952414a5a69787333383955543053556a397a624a5170664577436759494b6f5a497a6a304541774977637a454c0a4d416b474131554542684d4356564d78457a415242674e5642416754436b4e6862476c6d62334a7561574578466a415542674e564241635444564e68626942470a636d467559326c7a593238784754415842674e5642416f54454739795a7a45755a586868625842735a53356a623230784844416142674e5642414d5445324e680a4c6d39795a7a45755a586868625842735a53356a623230774868634e4d5467774f4445344d4459794e6a49785768634e4d6a67774f4445314d4459794e6a49780a576a42624d517377435159445651514745774a56557a45544d4245474131554543424d4b5132467361575a76636d3570595445574d4251474131554542784d4e0a5532467549455a795957356a61584e6a627a45664d4230474131554541777757515752746157354162334a6e4d53356c654746746347786c4c6d4e766254425a0a4d424d4742797147534d34394167454743437147534d34394177454841304941424833496267694e686d5061686a786262524c7762727a397078316850484a470a44633237596d6768484f36716b457a2f4461483476564e6b4e6a4e4d6467657942394468546e664a434739356d5974774857464b4d62326a5454424c4d4134470a41315564447745422f775145417749486744414d42674e5648524d4241663845416a41414d437347413155644977516b4d434b41495055775953706873614e310a41646e366e7555314c504e2b344e38526e4c36446f64414e71594365573969664d416f4743437147534d343942414d43413067414d455543495143445354726e0a353745707958614451377471525774513871626150704d2b525253615770473778556274554149676661383654594632704b2f565144703135624255722b41500a2f774a7955386b5672365565744c75513756453d0a2d2d2d2d2d454e442043455254494649434154452d2d2d2d2d0a
2018-08-18 07:23:49.859 UTC [cauthdsl] func1 -> DEBU 3c6 0xc420194fa0 gate 1534577029859895629 evaluation starts
2018-08-18 07:23:49.859 UTC [cauthdsl] func2 -> DEBU 3c7 0xc420194fa0 signed by 0 principal evaluation starts (used [false])
2018-08-18 07:23:49.859 UTC [cauthdsl] func2 -> DEBU 3c8 0xc420194fa0 principal evaluation fails
2018-08-18 07:23:49.860 UTC [cauthdsl] func1 -> DEBU 3c9 0xc420194fa0 gate 1534577029859895629 evaluation fails
2018-08-18 07:23:49.860 UTC [policies] Evaluate -> DEBU 3ca Signature set did not satisfy policy /Channel/Application/Org1MSP/Admins
2018-08-18 07:23:49.860 UTC [policies] Evaluate -> DEBU 3cb == Done Evaluating *cauthdsl.policy Policy /Channel/Application/Org1MSP/Admins
2018-08-18 07:23:49.860 UTC [policies] func1 -> DEBU 3cc Evaluation Failed: Only 0 policies were satisfied, but needed 1 of [ Org1MSP.Admins ]
2018-08-18 07:23:49.860 UTC [policies] Evaluate -> DEBU 3cd Signature set did not satisfy policy /Channel/Application/ChannelCreationPolicy
2018-08-18 07:23:49.860 UTC [policies] Evaluate -> DEBU 3ce == Done Evaluating *policies.implicitMetaPolicy Policy /Channel/Application/ChannelCreationPolicy
2018-08-18 07:23:49.860 UTC [orderer/common/broadcast] Handle -> WARN 3cf [channel: mychannel] Rejecting broadcast of config message from 172.18.0.1:51832 because of error: error authorizing update: error validating DeltaSet: policy for [Group] /Channel/Application not satisfied: Failed to reach implicit threshold of 1 sub-policies, required 1 remaining
我不知道为什么以及出于什么原因弹出错误
我config.yaml的意思Go-SDK是
name: "basic-network"
version: 1.0.0
client:
organization: org1
logging:
level: info
# Root of the MSP directories with keys and certs.
cryptoconfig:
path: ${GOPATH}/src/github.com/nithin/test/network/crypto-config
# Some SDKs support pluggable KV stores, the properties under "credentialStore" are implementation specific
credentialStore:
path: /tmp/basic-store
# [Optional]. Specific to the CryptoSuite implementation used by GO SDK. Software-based implementations requiring a key store. PKCS#11 based implementations does not.
cryptoStore:
path: /tmp/basic-msp
# BCCSP config for the client. Used by GO SDK.
BCCSP:
security:
enabled: true
default:
provider: "SW"
hashAlgorithm: "SHA2"
softVerify: true
level: 256
tlsCerts:
# [Optional]. Use system certificate pool when connecting to peers, orderers (for negotiating TLS) Default: false
systemCertPool: false
# [Optional]. Client key and cert for TLS handshake with peers and orderers
client:
keyfile:
certfile:
#
# [Optional]. But most apps would have this section so that channel objects can be constructed
# based on the content below. If an app is creating channels, then it likely will not need this
# section.
#
channels:
# name of the channel
mychannel:
# Required. list of orderers designated by the application to use for transactions on this
# channel. This list can be a result of access control ("org1" can only access "ordererA"), or
# operational decisions to share loads from applications among the orderers. The values must
# be "names" of orgs defined under "organizations/peers"
# deprecated: not recommended, to override any orderer configuration items, entity matchers should be used.
# orderers:
# - orderer.example.com
# Required. list of peers from participating orgs
peers:
peer0.org1.example.com:
# [Optional]. will this peer be sent transaction proposals for endorsement? The peer must
# have the chaincode installed. The app can also use this property to decide which peers
# to send the chaincode install request. Default: true
endorsingPeer: true
# [Optional]. will this peer be sent query proposals? The peer must have the chaincode
# installed. The app can also use this property to decide which peers to send the
# chaincode install request. Default: true
chaincodeQuery: true
# [Optional]. will this peer be sent query proposals that do not require chaincodes, like
# queryBlock(), queryTransaction(), etc. Default: true
ledgerQuery: true
# [Optional]. will this peer be the target of the SDK's listener registration? All peers can
# produce events but the app typically only needs to connect to one to listen to events.
# Default: true
eventSource: true
policies:
#[Optional] options for retrieving channel configuration blocks
queryChannelConfig:
#[Optional] min number of success responses (from targets/peers)
minResponses: 1
#[Optional] channel config will be retrieved for these number of random targets
maxTargets: 1
#[Optional] retry options for query config block
retryOpts:
#[Optional] number of retry attempts
attempts: 5
#[Optional] the back off interval for the first retry attempt
initialBackoff: 500ms
#[Optional] the maximum back off interval for any retry attempt
maxBackoff: 5s
#[Optional] he factor by which the initial back off period is exponentially incremented
backoffFactor: 2.0
#
# list of participating organizations in this network
#
organizations:
org1:
mspid: org1.example.com
cryptoPath: peerOrganizations/org1.example.com/users/{userName}@org1.example.com/msp
peers:
- peer0.org1.example.com
# [Optional]. Certificate Authorities issue certificates for identification purposes in a Fabric based
# network. Typically certificates provisioning is done in a separate process outside of the
# runtime network. Fabric-CA is a special certificate authority that provides a REST APIs for
# dynamic certificate management (enroll, revoke, re-enroll). The following section is only for
# Fabric-CA servers.
certificateAuthorities:
- ca.example.com
#
# List of orderers to send transaction and channel create/update requests to. For the time
# being only one orderer is needed. If more than one is defined, which one get used by the
# SDK is implementation specific. Consult each SDK's documentation for its handling of orderers.
#
orderers:
orderer.example.com:
url: localhost:7050
# these are standard properties defined by the gRPC library
# they will be passed in as-is to gRPC client constructor
grpcOptions:
ssl-target-name-override: orderer.example.com
# These parameters should be set in coordination with the keepalive policy on the server,
# as incompatible settings can result in closing of connection.
# When duration of the 'keep-alive-time' is set to 0 or less the keep alive client parameters are disabled
keep-alive-time: 0s
keep-alive-timeout: 20s
keep-alive-permit: false
fail-fast: false
# allow-insecure will be taken into consideration if address has no protocol defined, if true then grpc or else grpcs
allow-insecure: false
tlsCACerts:
# Certificate location absolute path
path: ${GOPATH}/src/github.com/nithin/test/network/crypto-config/ordererOrganizations/example.com/tlsca/tlsca.example.com-cert.pem
#
# List of peers to send various requests to, including endorsement, query
# and event listener registration.
#
peers:
peer0.org1.example.com:
# this URL is used to send endorsement and query requests
url: localhost:7051
# eventUrl is only needed when using eventhub (default is delivery service)
eventUrl: localhost:7053
grpcOptions:
ssl-target-name-override: peer0.org1.example.com
# These parameters should be set in coordination with the keepalive policy on the server,
# as incompatible settings can result in closing of connection.
# When duration of the 'keep-alive-time' is set to 0 or less the keep alive client parameters are disabled
keep-alive-time: 0s
keep-alive-timeout: 20s
keep-alive-permit: false
fail-fast: false
# allow-insecure will be taken into consideration if address has no protocol defined, if true then grpc or else grpcs
allow-insecure: false
tlsCACerts:
# Certificate location absolute path
path: ${GOPATH}/src/github.com/nithin/test/network/crypto-config/peerOrganizations/org1.example.com/tlsca/tlsca.org1.example.com-cert.pem
#
# Fabric-CA is a special kind of Certificate Authority provided by Hyperledger Fabric which allows
# certificate management to be done via REST APIs. Application may choose to use a standard
# Certificate Authority instead of Fabric-CA, in which case this section would not be specified.
#
certificateAuthorities:
ca.example.com:
url: http://localhost:7054
# Fabric-CA supports dynamic user enrollment via REST APIs. A "root" user, a.k.a registrar, is
# needed to enroll and invoke new users.
httpOptions:
verify: false
registrar:
enrollId: admin
enrollSecret: adminpw
# [Optional] The optional name of the CA.
caName: ca.example.com
tlsCACerts:
# Certificate location absolute path
path: ${GOPATH}/src/github.com/nithin/test/network/crypto-config/peerOrganizations/org1.example.com/ca/ca.org1.example.com-cert.pem
entityMatchers:
peer:
- pattern: (\w*)peer0.org1.example.com(\w*)
urlSubstitutionExp: localhost:7051
eventUrlSubstitutionExp: localhost:7053
sslTargetOverrideUrlSubstitutionExp: peer0.org1.example.com
mappedHost: peer0.org1.example.com
orderer:
- pattern: (\w+).example.(\w+)
urlSubstitutionExp: grpc://localhost:7050
sslTargetOverrideUrlSubstitutionExp: orderer.example.com
mappedHost: orderer.example.com
certificateAuthorities:
- pattern: (\w*)ca.example.com(\w*)
urlSubstitutionExp: http://localhost:7054
mappedHost: ca.example.com