4

背景: 我已经修改了第一个网络文件(到一个有 2 个组织和每个对等点的网络)并在上面安装了我自己的链代码。此外,我制作了一个 connection.yaml 文件来与网络交互。

问题: 但是当我尝试从nodeSDK获取网络通道并建立网关时,我遇到了这个错误:

错误:[网络]:_initializeInternalChannel:无法初始化通道。尝试联系 2 位同行。最后一个错误是 Error: 2 UNKNOWN: Stream removed

无法评估事务:错误:无法初始化通道。尝试联系 2 位同行。最后一个错误是 Error: 2 UNKNOWN: Stream removed

您可以在下面找到我客户端的代码。执行时可能会出现错误gateway.getNetwork('mychannel')

let connectionProfile = yaml.safeLoad(fs.readFileSync('./connection.yaml', 'utf8'));
// Create a new gateway for connecting to our peer node.
const gateway = new Gateway();
await gateway.connect(connectionProfile, { wallet, identity: 'user1', discovery: { enabled: false } });
// Get the network (channel) our contract is deployed to.
const network = await gateway.getNetwork('mychannel');
// Get the contract from the network.

const contract = network.getContract('bankpeerContract');
var result = await contract.evaluateTransaction('queryAllStamps');

这是我的 connection.yaml 文件:

---
name: mychannel.firstnetwork.connectionprofile
x-type: "hlfv1"
description: "BankPeerContract methods will be used through this profile"
version: "1.0"

channels:
  mychannel:
    orderers:
      - orderer.example.com
    peers:
      peer0.org1.example.com:
        endorsingPeer: true
        chaincodeQuery: true
        ledgerQuery: true
        eventSource: true
      peer0.org2.example.com:
        endorsingPeer: true
        chaincodeQuery: true
        ledgerQuery: true
        eventSource: true

organizations:
  Org1:
    mspid: Org1MSP
    peers:
      - peer0.org1.example.com
    certificateAuthorities:
      - certificate-authority-org1
    adminPrivateKey:
      path: ../first-network/crypto-config/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp/keystore/63145b12cd86abb07b6b5797c5e9506faa8f799e81d3c71d11a6a60840e3b6ae_sk
    signedCert:
      path: ../first-network/crypto-config/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp/signcerts/Admin@org1.example.com-cert.pem

  Org2:
    mspid: Org2MSP
    peers:
      - peer0.org2.example.com
    certificateAuthorities:
      - certificate-authority-org2
    adminPrivateKey:
      path: ../first-network/crypto-config/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp/keystore/4d9b19fdcce70620b45760f5d62c7c877200ab38553b7a8b85245b04ca0e8bdd_sk
    signedCert:
      path: ../first-network/crypto-config/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp/signcerts/Admin@org2.example.com-cert.pem

orderers:
  orderer.example.com:
    url: grpc://localhost:7050
    grpcOptions:
      ssl-target-name-override: orderer.example.com
    tlsCACerts:
      path: ../first-network/crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem

peers:
  peer0.org1.example.com:
    url: grpc://localhost:7051
    grpcOptions:
      ssl-target-name-override: peer0.org1.example.com
      request-timeout: 120001
    tlsCACerts:
      path: ../first-network/crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp/tlscacerts/tlsca.org1.example.com-cert.pem

  peer0.org2.example.com:
    url: grpc://localhost:9051
    grpcOptions:
      ssl-target-name-override: peer0.org2.example.com
      request-timeout: 120001
    tlsCACerts:
      path: ../first-network/crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp/tlscacerts/tlsca.org2.example.com-cert.pem

certificateAuthorities:
  ca-org1:
    url: http://localhost:7054
    httpOptions:
      verify: false
    tlsCACerts:
      path: ../first-network/crypto-config/peerOrganizations/org1.example.com/ca/ca.org1.example.com-cert.pem
    registrar:
      - enrollId: admin
        enrollSecret: adminpw
    caName: certificate-authority-org1
  ca-org2:
    url: http://localhost:8054
    httpOptions:
      verify: false
    tlsCACerts:
      path: ../first-network/crypto-config/peerOrganizations/org2.example.com/ca/ca.org2.example.com-cert.pem
    registrar:
      - enrollId: admin
        enrollSecret: adminpw
    caName: certificate-authority-org2

我一直无法弄清楚是connection.yaml文件有问题还是网络有问题。

4

1 回答 1

7

BYFN/EFYN 在所有 Fabric 节点(对等节点、排序节点、证书颁发机构)上启用 TLS 以保护通信。您的连接配置文件包含“grpc://”和“http://”网址 - 这些网址应更改为“grpcs://”和“https://”。看起来 TLS CA 证书是正确的。

于 2019-03-20T12:04:31.870 回答