0

我已经部署了一个AWS 管理的 Hyperledger Fabric v1.4.7 区块链。HLF 区块链网络和 EC2 实例(hlf-client)在同一个 VPC 中,一切似乎都运行良好,因为我能够使用cli容器调用事务。

我有我的客户端应用程序,它使用fabric-sdk-go 网关 API连接到使用connection-profile.yaml调用/查询区块链的结构网络。cli此客户端应用程序在与具有所有必要安全配置的容器相同的 EC2 实例上的 docker 容器中运行。客户端应用程序无法连接到结构网络,因为bad certificate error

客户端应用程序上的错误日志是:

[fabsdk/util] 2021/11/02 09:55:17 UTC - lazyref.(*Reference).refreshValue -> WARN Error - initializer returned error: QueryBlockConfig failed: QueryBlockConfig failed: queryChaincode failed: Transaction processing for endorser [nd-cjfwwnimujabllevl6yitqqmxi.m-l3ascxxbincwrbtirbgpp4bp7u.n-rh3k6kahfnd6bgtxxgru7c3b5q.managedblockchain.ap-southeast-1.amazonaws.com:30003]: Endorser Client Status Code: (2) CONNECTION_FAILED. Description: dialing connection on target [nd-cjfwwnimujabllevl6yitqqmxi.m-l3ascxxbincwrbtirbgpp4bp7u.n-rh3k6kahfnd6bgtxxgru7c3b5q.managedblockchain.ap-southeast-1.amazonaws.com:30003]: connection is in TRANSIENT_FAILURE. Will retry again later

对应的对等日志为:

[36m2021-11-02 10:07:17.789 UTC [grpc] handleRawConn -> DEBU 39501a[0m grpc: Server.Serve failed to complete security handshake from "10.0.2.131:39100": remote error: tls: bad certificate

[31m2021-11-02 10:10:17.809 UTC [core.comm] ServerHandshake -> ERRO 395322[0m TLS handshake failed with error remote error: tls: bad certificate server=PeerServer remoteaddress=10.0.2.131:12696

cli在使用相同的证书文件调用事务时。谁能告诉我这里的设置有什么问题或者我错过了任何其他配置?

我已经生成了ccp (connection-profile.yaml),如下所示:

---
name: n-RH3K6KAHFND6BGTXXGRU7C3B5Q
version: 1.0.0
client:
  organization: Org1
  connection:
    timeout:
      peer:
        endorser: "300"
channels:
  mychannel:
    peers:
      nd-CJFWWNIMUJABLLEVL6YITQQMXI:
        endorsingPeer: true
        chaincodeQuery: true
        ledgerQuery: true
        eventSource: true
organizations:
  Org1:
    mspid: m-L3ASCXXBINCWRBTIRBGPP4BP7U
    peers:
      - nd-CJFWWNIMUJABLLEVL6YITQQMXI
    certificateAuthorities:
      - m-L3ASCXXBINCWRBTIRBGPP4BP7U
peers:
  nd-CJFWWNIMUJABLLEVL6YITQQMXI:
    url: grpcs://nd-cjfwwnimujabllevl6yitqqmxi.m-l3ascxxbincwrbtirbgpp4bp7u.n-rh3k6kahfnd6bgtxxgru7c3b5q.managedblockchain.managedblockchain.us-east-1.amazonaws.com:30003
    eventUrl: grpcs://nd-cjfwwnimujabllevl6yitqqmxi.m-l3ascxxbincwrbtirbgpp4bp7u.n-rh3k6kahfnd6bgtxxgru7c3b5q.managedblockchain.managedblockchain.us-east-1.amazonaws.com:30004
    grpcOptions:
      ssl-target-name-override: nd-CJFWWNIMUJABLLEVL6YITQQMXI
    tlsCACerts:
      path: /home/ec2-user/managedblockchain-tls-chain.pem
certificateAuthorities:
  m-L3ASCXXBINCWRBTIRBGPP4BP7U:
    url: https://ca.m-l3ascxxbincwrbtirbgpp4bp7u.n-rh3k6kahfnd6bgtxxgru7c3b5q.managedblockchain.managedblockchain.us-east-1.amazonaws.com:30002
    httpOptions:
      verify: false
    tlsCACerts:
      path: /home/ec2-user/managedblockchain-tls-chain.pem
    caName: m-L3ASCXXBINCWRBTIRBGPP4BP7U
4

1 回答 1

0

以下解决方案适用于:

  • HLF v1.4.7 AWS 托管区块链
  • Fabric客户端[fabric-sdk-go v1.0.0]网关编程模型

要解决此问题,只需删除该grpcOptions

于 2021-11-04T08:01:53.043 回答