Develop Reference

Chaincode Deployment Failed on Peer1 - linux

Hi I am getting the following Error when Installing the chaincode. I have tried everything but still no clue what is happening.Please help me on this.
2022-01-28 12:36:06.833 IST 0001 INFO [chaincodeCmd] ClientWait -> txid [cd68692e297f8bee9e6dbfdd726467901875683e411c1fb8b1580b7ab358b952] committed with status (MVCC_READ_CONFLICT) at localhost:8051
Error: transaction invalidated with status (MVCC_READ_CONFLICT)
Chaincode definition approved on peer1.org1 on channel 'mychannel' failed
Deploying chaincode failed
This is configtx-
Organizations:
- &OrdererOrg
Name: OrdererOrg
ID: OrdererMSP
MSPDir: ../organizations/ordererOrganizations/example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Writers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Admins:
Type: Signature
Rule: "OR('OrdererMSP.admin')"
OrdererEndpoints:
- orderer.example.com:7050
- &Org1
Name: Org1MSP
ID: Org1MSP
MSPDir: ../organizations/peerOrganizations/org1.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Org1MSP.admin', 'Org1MSP.peer', 'Org1MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org1MSP.admin', 'Org1MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org1MSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('Org1MSP.peer')"
- &Org2
Name: Org2MSP
ID: Org2MSP
MSPDir: ../organizations/peerOrganizations/org2.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Org2MSP.admin', 'Org2MSP.peer', 'Org2MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org2MSP.admin', 'Org2MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org2MSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('Org2MSP.peer')"
- &Org3
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org3MSP
# ID to load the MSP definition as
ID: Org3MSP
MSPDir: ../organizations/peerOrganizations/org3.example.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('Org3MSP.admin', 'Org3MSP.peer', 'Org3MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org3MSP.admin', 'Org3MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org3MSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('Org3MSP.peer')"
- &Org4
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org4MSP
# ID to load the MSP definition as
ID: Org4MSP
MSPDir: ../organizations/peerOrganizations/org4.example.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('Org4MSP.admin', 'Org4MSP.peer', 'Org4MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org4MSP.admin', 'Org4MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org4MSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('Org4MSP.peer')"
################################################################################
#
# SECTION: Capabilities
#
# - This section defines the capabilities of fabric network. This is a new
# concept as of v1.1.0 and should not be utilized in mixed networks with
# v1.0.x peers and orderers. Capabilities define features which must be
# present in a fabric binary for that binary to safely participate in the
# fabric network. For instance, if a new MSP type is added, newer binaries
# might recognize and validate the signatures from this type, while older
# binaries without this support would be unable to validate those
# transactions. This could lead to different versions of the fabric binaries
# having different world states. Instead, defining a capability for a channel
# informs those binaries without this capability that they must cease
# processing transactions until they have been upgraded. For v1.0.x if any
# capabilities are defined (including a map with all capabilities turned off)
# then the v1.0.x peer will deliberately crash.
#
################################################################################
Capabilities:
# Channel capabilities apply to both the orderers and the peers and must be
# supported by both.
# Set the value of the capability to true to require it.
Channel: &ChannelCapabilities
# V2_0 capability ensures that orderers and peers behave according
# to v2.0 channel capabilities. Orderers and peers from
# prior releases would behave in an incompatible way, and are therefore
# not able to participate in channels at v2.0 capability.
# Prior to enabling V2.0 channel capabilities, ensure that all
# orderers and peers on a channel are at v2.0.0 or later.
V2_0: true
# Orderer capabilities apply only to the orderers, and may be safely
# used with prior release peers.
# Set the value of the capability to true to require it.
Orderer: &OrdererCapabilities
# V2_0 orderer capability ensures that orderers behave according
# to v2.0 orderer capabilities. Orderers from
# prior releases would behave in an incompatible way, and are therefore
# not able to participate in channels at v2.0 orderer capability.
# Prior to enabling V2.0 orderer capabilities, ensure that all
# orderers on channel are at v2.0.0 or later.
V2_0: true
# Application capabilities apply only to the peer network, and may be safely
# used with prior release orderers.
# Set the value of the capability to true to require it.
Application: &ApplicationCapabilities
# V2_0 application capability ensures that peers behave according
# to v2.0 application capabilities. Peers from
# prior releases would behave in an incompatible way, and are therefore
# not able to participate in channels at v2.0 application capability.
# Prior to enabling V2.0 application capabilities, ensure that all
# peers on channel are at v2.0.0 or later.
V2_0: true
################################################################################
#
# SECTION: Application
#
# - This section defines the values to encode into a config transaction or
# genesis block for application related parameters
#
################################################################################
Application: &ApplicationDefaults
# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Application policies, their canonical path is
# /Channel/Application/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
LifecycleEndorsement:
Type: ImplicitMeta
Rule: "MAJORITY Endorsement"
Endorsement:
Type: ImplicitMeta
Rule: "MAJORITY Endorsement"
Capabilities:
<<: *ApplicationCapabilities
################################################################################
#
# SECTION: Orderer
#
# - This section defines the values to encode into a config transaction or
# genesis block for orderer related parameters
#
################################################################################
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start
OrdererType: etcdraft
# Addresses used to be the list of orderer addresses that clients and peers
# could connect to. However, this does not allow clients to associate orderer
# addresses and orderer organizations which can be useful for things such
# as TLS validation. The preferred way to specify orderer addresses is now
# to include the OrdererEndpoints item in your org definition
Addresses:
- orderer.example.com:7050
EtcdRaft:
Consenters:
- Host: orderer.example.com
Port: 7050
ClientTLSCert: ../organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt
ServerTLSCert: ../organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt
# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block
BatchSize:
# Max Message Count: The maximum number of messages to permit in a batch
MaxMessageCount: 10
# Absolute Max Bytes: The absolute maximum number of bytes allowed for
# the serialized messages in a batch.
AbsoluteMaxBytes: 99 MB
# Preferred Max Bytes: The preferred maximum number of bytes allowed for
# the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.
PreferredMaxBytes: 512 KB
# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Orderer policies, their canonical path is
# /Channel/Orderer/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# BlockValidation specifies what signatures must be included in the block
# from the orderer for the peer to validate it.
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
################################################################################
#
# CHANNEL
#
# This section defines the values to encode into a config transaction or
# genesis block for channel related parameters.
#
################################################################################
Channel: &ChannelDefaults
# Policies defines the set of policies at this level of the config tree
# For Channel policies, their canonical path is
# /Channel/<PolicyName>
Policies:
# Who may invoke the 'Deliver' API
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
# Who may invoke the 'Broadcast' API
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
# By default, who may modify elements at this config level
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# Capabilities describes the channel level capabilities, see the
# dedicated Capabilities section elsewhere in this file for a full
# description
Capabilities:
<<: *ChannelCapabilities
################################################################################
#
# Profile
#
# - Different configuration profiles may be encoded here to be specified
# as parameters to the configtxgen tool
#
################################################################################
Profiles:
OrgsOrdererGenesis:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Capabilities:
<<: *OrdererCapabilities
Consortiums:
SampleConsortium:
Organizations:
- *Org1
- *Org2
- *Org3
- *Org4
OrgsChannel:
Consortium: SampleConsortium
<<: *ChannelDefaults
Application:
<<: *ApplicationDefaults
Organizations:
- *Org1
- *Org2
- *Org3
- *Org4
Capabilities:
<<: *ApplicationCapabilities
This is my deployCC.sh script which I am using for installing the chaincode. I am actually using the command ./network.sh deployCC command.
#!/bin/bash
source scripts/utils.sh
CHANNEL_NAME=${1:-"mychannel"}
CC_NAME=${2}
CC_SRC_PATH=${3}
CC_SRC_LANGUAGE=${4}
CC_VERSION=${5:-"1.0"}
CC_SEQUENCE=${6:-"1"}
CC_INIT_FCN=${7:-"NA"}
CC_END_POLICY=${8:-"NA"}
CC_COLL_CONFIG=${9:-"NA"}
DELAY=${10:-"3"}
MAX_RETRY=${11:-"5"}
VERBOSE=${12:-"false"}
println "executing with the following"
println "- CHANNEL_NAME: ${C_GREEN}${CHANNEL_NAME}${C_RESET}"
println "- CC_NAME: ${C_GREEN}${CC_NAME}${C_RESET}"
println "- CC_SRC_PATH: ${C_GREEN}${CC_SRC_PATH}${C_RESET}"
println "- CC_SRC_LANGUAGE: ${C_GREEN}${CC_SRC_LANGUAGE}${C_RESET}"
println "- CC_VERSION: ${C_GREEN}${CC_VERSION}${C_RESET}"
println "- CC_SEQUENCE: ${C_GREEN}${CC_SEQUENCE}${C_RESET}"
println "- CC_END_POLICY: ${C_GREEN}${CC_END_POLICY}${C_RESET}"
println "- CC_COLL_CONFIG: ${C_GREEN}${CC_COLL_CONFIG}${C_RESET}"
println "- CC_INIT_FCN: ${C_GREEN}${CC_INIT_FCN}${C_RESET}"
println "- DELAY: ${C_GREEN}${DELAY}${C_RESET}"
println "- MAX_RETRY: ${C_GREEN}${MAX_RETRY}${C_RESET}"
println "- VERBOSE: ${C_GREEN}${VERBOSE}${C_RESET}"
FABRIC_CFG_PATH=$PWD/../config/
#User has not provided a name
if [ -z "$CC_NAME" ] || [ "$CC_NAME" = "NA" ]; then
fatalln "No chaincode name was provided. Valid call example: ./network.sh deployCC -ccn basic -ccp ../asset-transfer-basic/chaincode-go -ccl go"
# User has not provided a path
elif [ -z "$CC_SRC_PATH" ] || [ "$CC_SRC_PATH" = "NA" ]; then
fatalln "No chaincode path was provided. Valid call example: ./network.sh deployCC -ccn basic -ccp ../asset-transfer-basic/chaincode-go -ccl go"
# User has not provided a language
elif [ -z "$CC_SRC_LANGUAGE" ] || [ "$CC_SRC_LANGUAGE" = "NA" ]; then
fatalln "No chaincode language was provided. Valid call example: ./network.sh deployCC -ccn basic -ccp ../asset-transfer-basic/chaincode-go -ccl go"
## Make sure that the path to the chaincode exists
elif [ ! -d "$CC_SRC_PATH" ]; then
fatalln "Path to chaincode does not exist. Please provide different path."
fi
CC_SRC_LANGUAGE=$(echo "$CC_SRC_LANGUAGE" | tr [:upper:] [:lower:])
# do some language specific preparation to the chaincode before packaging
if [ "$CC_SRC_LANGUAGE" = "go" ]; then
CC_RUNTIME_LANGUAGE=golang
infoln "Vendoring Go dependencies at $CC_SRC_PATH"
pushd $CC_SRC_PATH
GO111MODULE=on go mod vendor
popd
successln "Finished vendoring Go dependencies"
elif [ "$CC_SRC_LANGUAGE" = "java" ]; then
CC_RUNTIME_LANGUAGE=java
infoln "Compiling Java code..."
pushd $CC_SRC_PATH
./gradlew installDist
popd
successln "Finished compiling Java code"
CC_SRC_PATH=$CC_SRC_PATH/build/install/$CC_NAME
elif [ "$CC_SRC_LANGUAGE" = "javascript" ]; then
CC_RUNTIME_LANGUAGE=node
elif [ "$CC_SRC_LANGUAGE" = "typescript" ]; then
CC_RUNTIME_LANGUAGE=node
infoln "Compiling TypeScript code into JavaScript..."
pushd $CC_SRC_PATH
npm install
npm run build
popd
successln "Finished compiling TypeScript code into JavaScript"
else
fatalln "The chaincode language ${CC_SRC_LANGUAGE} is not supported by this script. Supported chaincode languages are: go, java, javascript, and typescript"
exit 1
fi
INIT_REQUIRED="--init-required"
# check if the init fcn should be called
if [ "$CC_INIT_FCN" = "NA" ]; then
INIT_REQUIRED=""
fi
if [ "$CC_END_POLICY" = "NA" ]; then
CC_END_POLICY=""
else
CC_END_POLICY="--signature-policy $CC_END_POLICY"
fi
if [ "$CC_COLL_CONFIG" = "NA" ]; then
CC_COLL_CONFIG=""
else
CC_COLL_CONFIG="--collections-config $CC_COLL_CONFIG"
fi
# import utils
. scripts/envVar.sh
packageChaincode() {
set -x
peer lifecycle chaincode package ${CC_NAME}.tar.gz --path ${CC_SRC_PATH} --lang ${CC_RUNTIME_LANGUAGE} --label ${CC_NAME}_${CC_VERSION} >&log.txt
res=$?
{ set +x; } 2>/dev/null
cat log.txt
verifyResult $res "Chaincode packaging has failed"
successln "Chaincode is packaged"
}
# installChaincode PEER ORG
installChaincode() {
ORG=$1
PEER=$2
setGlobals $ORG $PEER
set -x
peer lifecycle chaincode install ${CC_NAME}.tar.gz >&log.txt
res=$?
{ set +x; } 2>/dev/null
cat log.txt
verifyResult $res "Chaincode installation on peer${PEER}.org${ORG} has failed"
successln "Chaincode is installed on peer${PEER}.org${ORG}"
}
# queryInstalled PEER ORG
queryInstalled() {
ORG=$1
PEER=$2
setGlobals $ORG $PEER
set -x
peer lifecycle chaincode queryinstalled >&log.txt
res=$?
{ set +x; } 2>/dev/null
cat log.txt
PACKAGE_ID=$(sed -n "/${CC_NAME}_${CC_VERSION}/{s/^Package ID: //; s/, Label:.*$//; p;}" log.txt)
verifyResult $res "Query installed on peer${PEER}.org${ORG} has failed"
successln "Query installed successful on peer${PEER}.org${ORG} on channel"
}
# approveForMyOrg VERSION PEER ORG
approveForMyOrg() {
ORG=$1
PEER=$2
setGlobals $ORG $PEER
set -x
peer lifecycle chaincode approveformyorg -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile $ORDERER_CA --channelID $CHANNEL_NAME --name ${CC_NAME} --version ${CC_VERSION} --package-id ${PACKAGE_ID} --sequence ${CC_SEQUENCE} ${INIT_REQUIRED} ${CC_END_POLICY} ${CC_COLL_CONFIG} >&log.txt
res=$?
{ set +x; } 2>/dev/null
cat log.txt
verifyResult $res "Chaincode definition approved on peer${PEER}.org${ORG} on channel '$CHANNEL_NAME' failed"
successln "Chaincode definition approved on peer${PEER}.org${ORG} on channel '$CHANNEL_NAME'"
}
# checkCommitReadiness VERSION PEER ORG
checkCommitReadiness() {
ORG=$1
PEER=$2
shift 1
setGlobals $ORG $PEER
infoln "Checking the commit readiness of the chaincode definition on peer${PEER}.org${ORG} on channel '$CHANNEL_NAME'..."
local rc=1
local COUNTER=1
# continue to poll
# we either get a successful response, or reach MAX RETRY
while [ $rc -ne 0 -a $COUNTER -lt $MAX_RETRY ]; do
sleep $DELAY
infoln "Attempting to check the commit readiness of the chaincode definition on peer${PEER}.org${ORG}, Retry after $DELAY seconds."
set -x
peer lifecycle chaincode checkcommitreadiness --channelID $CHANNEL_NAME --name ${CC_NAME} --version ${CC_VERSION} --sequence ${CC_SEQUENCE} ${INIT_REQUIRED} ${CC_END_POLICY} ${CC_COLL_CONFIG} --output json >&log.txt
res=$?
{ set +x; } 2>/dev/null
let rc=0
for var in "$#"; do
grep "$var" log.txt &>/dev/null || let rc=1
done
COUNTER=$(expr $COUNTER + 1)
done
cat log.txt
if test $rc -eq 0; then
infoln "Checking the commit readiness of the chaincode definition successful on peer${PEER}.org${ORG} on channel '$CHANNEL_NAME'"
else
fatalln "After $MAX_RETRY attempts, Check commit readiness result on peer${PEER}.org${ORG} is INVALID!"
fi
}
# commitChaincodeDefinition VERSION PEER ORG (PEER ORG)...
commitChaincodeDefinition() {
parsePeerConnectionParameters $#
res=$?
verifyResult $res "Invoke transaction failed on channel '$CHANNEL_NAME' due to uneven number of peer and org parameters "
# while 'peer chaincode' command can get the orderer endpoint from the
# peer (if join was successful), let's supply it directly as we know
# it using the "-o" option
set -x
peer lifecycle chaincode commit -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile $ORDERER_CA --channelID $CHANNEL_NAME --name ${CC_NAME} $PEER_CONN_PARMS --version ${CC_VERSION} --sequence ${CC_SEQUENCE} ${INIT_REQUIRED} ${CC_END_POLICY} ${CC_COLL_CONFIG} >&log.txt
res=$?
{ set +x; } 2>/dev/null
cat log.txt
verifyResult $res "Chaincode definition commit failed on ${PEER} on channel '$CHANNEL_NAME' failed"
successln "Chaincode definition committed on channel '$CHANNEL_NAME'"
}
# queryCommitted ORG
queryCommitted() {
ORG=$1
PEER=$2
setGlobals $ORG $PEER
EXPECTED_RESULT="Version: ${CC_VERSION}, Sequence: ${CC_SEQUENCE}, Endorsement Plugin: escc, Validation Plugin: vscc"
infoln "Querying chaincode definition on peer${PEER}.org${ORG} on channel '$CHANNEL_NAME'..."
local rc=1
local COUNTER=1
# continue to poll
# we either get a successful response, or reach MAX RETRY
while [ $rc -ne 0 -a $COUNTER -lt $MAX_RETRY ]; do
sleep $DELAY
infoln "Attempting to Query committed status on peer${PEER}.org${ORG}, Retry after $DELAY seconds."
set -x
peer lifecycle chaincode querycommitted --channelID $CHANNEL_NAME --name ${CC_NAME} >&log.txt
res=$?
{ set +x; } 2>/dev/null
test $res -eq 0 && VALUE=$(cat log.txt | grep -o '^Version: '$CC_VERSION', Sequence: [0-9]*, Endorsement Plugin: escc, Validation Plugin: vscc')
test "$VALUE" = "$EXPECTED_RESULT" && let rc=0
COUNTER=$(expr $COUNTER + 1)
done
cat log.txt
if test $rc -eq 0; then
successln "Query chaincode definition successful on peer${PEER}.org${ORG} on channel '$CHANNEL_NAME'"
else
fatalln "After $MAX_RETRY attempts, Query chaincode definition result on peer${PEER}.org${ORG} is INVALID!"
fi
}
chaincodeInvokeInit() {
parsePeerConnectionParameters $#
res=$?
verifyResult $res "Invoke transaction failed on channel '$CHANNEL_NAME' due to uneven number of peer and org parameters "
# while 'peer chaincode' command can get the orderer endpoint from the
# peer (if join was successful), let's supply it directly as we know
# it using the "-o" option
set -x
fcn_call='{"function":"'${CC_INIT_FCN}'","Args":[]}'
infoln "invoke fcn call:${fcn_call}"
peer chaincode invoke -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile $ORDERER_CA -C $CHANNEL_NAME -n ${CC_NAME} $PEER_CONN_PARMS --isInit -c ${fcn_call} >&log.txt
res=$?
{ set +x; } 2>/dev/null
cat log.txt
verifyResult $res "Invoke execution on $PEERS failed "
successln "Invoke transaction successful on $PEERS on channel '$CHANNEL_NAME'"
}
chaincodeQuery() {
ORG=$1
PEER=$2
setGlobals $ORG $PEER
infoln "Querying on peer${PEER}.org${ORG} on channel '$CHANNEL_NAME'..."
local rc=1
local COUNTER=1
# continue to poll
# we either get a successful response, or reach MAX RETRY
while [ $rc -ne 0 -a $COUNTER -lt $MAX_RETRY ]; do
sleep $DELAY
infoln "Attempting to Query peer0.org${ORG}, Retry after $DELAY seconds."
set -x
peer chaincode query -C $CHANNEL_NAME -n ${CC_NAME} -c '{"Args":["queryAllAssets"]}' >&log.txt
res=$?
{ set +x; } 2>/dev/null
let rc=$res
COUNTER=$(expr $COUNTER + 1)
done
cat log.txt
if test $rc -eq 0; then
successln "Query successful on peer${PEER}.org${ORG} on channel '$CHANNEL_NAME'"
else
fatalln "After $MAX_RETRY attempts, Query result on peer${PEER}.org${ORG} is INVALID!"
fi
}
## package the chaincode
packageChaincode
## Install chaincode on peer0.org1 and peer0.org2
infoln "Installing chaincode on peer0.org1..."
installChaincode 1 0
infoln "Installing chaincode on peer1.org1..."
installChaincode 1 1
infoln "Install chaincode on peer0.org2..."
installChaincode 2 0
infoln "Install chaincode on peer1.org2..."
installChaincode 2 1
infoln "Install chaincode on peer0.org3..."
installChaincode 3 0
infoln "Install chaincode on peer1.org3..."
installChaincode 3 1
infoln "Install chaincode on peer0.org4..."
installChaincode 4 0
infoln "Install chaincode on peer1.org4..."
installChaincode 4 1
## query whether the chaincode is installed
queryInstalled 1 0
## approve the definition for org1
approveForMyOrg 1 0
approveForMyOrg 1 1
## check whether the chaincode definition is ready to be committed
## expect org1 to have approved and org2 not to
checkCommitReadiness 1 1
## now approve also for org2
approveForMyOrg 2 0
approveForMyOrg 2 1
## check whether the chaincode definition is ready to be committed
## expect them both to have approved
checkCommitReadiness 2 1
## now approve also for org3
approveForMyOrg 3 0
approveForMyOrg 3 1
## check whether the chaincode definition is ready to be committed
## expect them both to have approved
checkCommitReadiness 3 1
## now approve also for org4
approveForMyOrg 4 0
approveForMyOrg 4 1
## check whether the chaincode definition is ready to be committed
## expect them both to have approved
checkCommitReadiness 4 1
## now that we know for sure both orgs have approved, commit the definition
commitChaincodeDefinition 1 2 3 4
## query on both orgs to see that the definition committed successfully
queryCommitted 1 0
queryCommitted 1 1
queryCommitted 2 0
queryCommitted 2 1
queryCommitted 3 0
queryCommitted 3 1
queryCommitted 4 0
queryCommitted 4 1
## Invoke the chaincode - this does require that the chaincode have the 'initLedger'
## method defined
if [ "$CC_INIT_FCN" = "NA" ]; then
infoln "Chaincode initialization is not required"
else
chaincodeInvokeInit 1 2 3 4
fi
exit 0

It looks like you are attempting to approve the chaincode more than once for each organisation, which is unnecessary and probably why you're hitting the MVCC_READ_CONFLICT error (the error you get when a transaction reads a key which has been updated by another transaction).
From the Fabric chaincode lifecycle documentation...
Each channel member that wants to use the chaincode needs to approve a
chaincode definition for their organization. This approval needs to be
submitted to the ordering service, after which it is distributed to
all peers. This approval needs to be submitted by your Organization
Administrator. After the approval transaction has been successfully
submitted, the approved definition is stored in a collection that is
available to all the peers of your organization. As a result you only
need to approve a chaincode for your organization once, even if you
have multiple peers.

Related

The problem
I'm trying to create a network with two organizations and one channel. The peer from the first organization joins the channel without an issue, but when I try to add a peer from the second one to the channel I get this error in its logs:
2020-08-12 18:53:08.351 UTC [endorser] Validate -> WARN 110 access denied: channel expected MSP ID RegulatorMSP, received BrokerMSP channel= txID=5096f00a
2020-08-12 18:53:08.351 UTC [comm.grpc.server] 1 -> INFO 111 unary call completed grpc.service=protos.Endorser grpc.method=ProcessProposal grpc.peer_address=172.23.0.1:36922 error="error validating proposal: access denied: channel [] creator org [BrokerMSP]" grpc.code=Unknown grpc.call_duration=5.7274ms
I've been fiddling with the configuration for the last 8 hours looking for mistakes, but came up short, and it's driving me insane.
The configuration
Here is a script that I use to spin up the network:
DOCK_FOLDER=$PWD
echo '[=======================================================]'
echo '[============== A: Set up the environment ==============]'
echo '[=======================================================]'
echo '[==================== A.1: Cleanup =====================]'
./clean.sh all # this just kills docker containers and cleans up hlf artifacts
cd config
echo ''
echo '[================= A.2: Crypto Config =================]'
cryptogen generate --config=crypto-config.yaml
export FABRIC_CFG_PATH=$PWD
echo ''
echo '[=============== A.3: Block Generation ================]'
configtxgen -outputBlock ./orderer/genesis.block -channelID ordererchannel -profile CompOrdererGenesis
echo ''
echo '[============= A.4: Transaction Generation ============]'
configtxgen -outputCreateChannelTx compchannel.tx -channelID compchannel -profile CompChannel
cd $DOCK_FOLDER
echo ''
echo '[================= A.5: Docker Compose ================]'
docker-compose -f ./config/docker-compose-base.yaml up -d
echo ''
echo '[=============== A.6: Initialize CouchDB ==============]'
sleep 5
curl -X PUT <username>:<password>#couchdb.regulator.com:5984/_users
curl -X PUT <username>:<password>#couchdb.regulator.com:5984/_replicator
curl -X PUT <username>:<password>#couchdb.regulator.com:5984/_global_changes
curl -X PUT <username>:<password>#couchdb.broker.com:6984/_users
curl -X PUT <username>:<password>#couchdb.broker.com:6984/_replicator
curl -X PUT <username>:<password>#couchdb.broker.com:6984/_global_changes
sleep 10
echo ''
echo '[=======================================================]'
echo '[=========== B. Manage the network: Regulator ==========]'
echo '[=======================================================]'
echo '[========== B.1: Set context to Regulator org ==========]'
export ORG_CONTEXT="regulator"
export ORG_NAME="Regulator"
export CORE_PEER_LOCALMSPID="RegulatorMSP"
export FABRIC_LOGGING_SPEC=INFO
export FABRIC_CFG_PATH=$PWD/config/regulator
export CORE_PEER_ADDRESS=peer.regulator.com:7051
export CORE_PEER_MSPCONFIGPATH=$PWD/config/crypto-config/peerOrganizations/regulator.com/users/Admin#regulator.com/msp
export ORDERER_ADDRESS=orderer.regulator.com:7050
echo ''
echo '[========== B.2: Create compchannel channel ==========]'
peer channel create -c compchannel -f ./config/compchannel.tx --outputBlock ./config/compchannel.block -o $ORDERER_ADDRESS
sleep 10s
echo ''
echo '[====== B.3: Join regulator peer to compchannel ======]'
peer channel join -b ./config/compchannel.block -o $ORDERER_ADDRESS
sleep 10s
echo ''
echo '[================= B.4: Update anchors =================]'
PEER_FABRIC_CFG_PATH=$FABRIC_CFG_PATH
FABRIC_CFG_PATH=./config
configtxgen -outputAnchorPeersUpdate ./config/peer-update.tx -asOrg $ORG_NAME -channelID compchannel -profile CompChannel
FABRIC_CFG_PATH=$PEER_FABRIC_CFG_PATH
peer channel update -f ./config/peer-update.tx -c compchannel -o $ORDERER_ADDRESS
sleep 10s
echo ''
echo '[=======================================================]'
echo '[============ C. Manage the network: Broker ============]'
echo '[=======================================================]'
echo '[=========== C.1: Set context to Broker org ============]'
export ORG_CONTEXT="broker"
export ORG_NAME="Broker"
export CORE_PEER_LOCALMSPID="BrokerMSP"
export FABRIC_LOGGING_SPEC=INFO
export FABRIC_CFG_PATH=$PWD/config/broker
export CORE_PEER_ADDRESS=peer.broker.com:8051
export CORE_PEER_MSPCONFIGPATH=$PWD/config/crypto-config/peerOrganizations/broker.com/users/Admin#broker.com/msp
export ORDERER_ADDRESS=orderer.regulator.com:7050
echo ''
echo '[======== C.3: Join broker peer to compchannel =======]'
peer channel join -b ./config/compchannel.block -o $ORDERER_ADDRESS ### !!! THIS STEP FAILS !!!
sleep 10s
echo ''
echo '[================= C.4: Update anchors =================]'
PEER_FABRIC_CFG_PATH=$FABRIC_CFG_PATH
FABRIC_CFG_PATH=./config
configtxgen -outputAnchorPeersUpdate ./config/peer-update.tx -asOrg $ORG_NAME -channelID compchannel -profile CompChannel
FABRIC_CFG_PATH=$PEER_FABRIC_CFG_PATH
peer channel update -f ./config/peer-update.tx -c compchannel -o $ORDERER_ADDRESS
orderer/orderer.yaml
General:
BootstrapMethod: file
BootstrapFile: /var/hyperledger/config/genesis.block
BCCSP:
Default: SW
SW:
HASH: SHA2
Security: 256
FileKeyStore:
Keystore:
LocalMSPDir: /var/hyperledger/msp
LocalMSPID: OrdererMSP
ListenAddress: 0.0.0.0
ListenPort: 7050
Cluster:
SendBufferSize: 10
ClientCertificate:
ClientPrivateKey:
ListenPort:
ListenAddress:
ServerCertificate:
ServerPrivateKey:
Keepalive:
ServerMinInterval: 60s
ServerInterval: 7200s
ServerTimeout: 20s
TLS:
Enabled: false
PrivateKey: ./server.key
Certificate: ./server.crt
RootCAs:
- ./ca.crt
ClientAuthRequired: false
ClientRootCAs:
FileLedger:
Location: /var/ledger
Prefix: hyperledger-fabric-ordererledger
Debug:
BroadcastTraceDir:
DeliverTraceDir:
Operations:
ListenAddress: 127.0.0.1:8443
TLS:
Enabled: false
Certificate:
PrivateKey:
ClientAuthRequired: false
RootCAs: []
Metrics:
Provider: disabled
Statsd:
Network: udp
Address: 127.0.0.1:8125
WriteInterval: 30s
Prefix:
Consensus:
WALDir: /var/hyperledger/production/orderer/etcdraft/wal
SnapDir: /var/hyperledger/production/orderer/etcdraft/snapshot
regulator/core.yaml (broker/core.yaml is nearly identical, just exchange regulator for broker)
peer:
id: peer.regulator.com
networkId: dev
listenAddress: 0.0.0.0:7051
address: 0.0.0.0:7051
addressAutoDetect: false
gomaxprocs: -1
keepalive:
minInterval: 60s
client:
interval: 60s
timeout: 20s
deliveryClient:
interval: 60s
timeout: 20s
gossip:
bootstrap:
useLeaderElection: false
orgLeader: true
membershipTrackerInterval: 5s
endpoint:
maxBlockCountToStore: 100
maxPropagationBurstLatency: 10ms
maxPropagationBurstSize: 10
propagateIterations: 1
propagatePeerNum: 3
pullInterval: 4s
pullPeerNum: 3
requestStateInfoInterval: 4s
publishStateInfoInterval: 4s
stateInfoRetentionInterval:
publishCertPeriod: 10s
skipBlockVerification: false
dialTimeout: 3s
connTimeout: 2s
recvBuffSize: 20
sendBuffSize: 200
digestWaitTime: 1s
requestWaitTime: 1500ms
responseWaitTime: 2s
aliveTimeInterval: 5s
aliveExpirationTimeout: 25s
reconnectInterval: 25s
externalEndpoint: peer.regulator.com:7051
election:
startupGracePeriod: 15s
membershipSampleInterval: 1s
leaderAliveThreshold: 10s
leaderElectionDuration: 5s
pvtData:
pullRetryThreshold: 60s
transientstoreMaxBlockRetention: 1000
pushAckTimeout: 3s
btlPullMargin: 10
reconcileBatchSize: 10
reconcileSleepInterval: 1m
reconciliationEnabled: true
tls:
enabled: false
clientAuthRequired: false
cert:
file: tls/server.crt
key:
file: tls/server.key
rootcert:
file: tls/ca.crt
clientRootCAs:
files:
- tls/ca.crt
clientKey:
file:
clientCert:
file:
authentication:
timewindow: 15m
fileSystemPath: /var/hyperledger/production
BCCSP:
Default: SW
SW:
Hash: SHA2
Security: 256
FileKeyStore:
KeyStore:
PKCS11:
Library:
Label:
Pin:
Hash:
Security:
FileKeyStore:
KeyStore:
mspConfigPath: /var/hyperledger/msp
localMspId: RegulatorMSP
client:
connTimeout: 3s
deliveryclient:
reconnectTotalTimeThreshold: 3600s
connTimeout: 3s
reConnectBackoffThreshold: 3600s
localMspType: bccsp
profile:
enabled: false
listenAddress: 0.0.0.0:6060
adminService:
handlers:
authFilters:
- name: DefaultAuth
- name: ExpirationCheck
decorators:
- name: DefaultDecorator
endorsers:
escc:
name: DefaultEndorsement
library:
validators:
vscc:
name: DefaultValidation
library:
validatorPoolSize:
discovery:
enabled: true
authCacheEnabled: true
authCacheMaxSize: 1000
authCachePurgeRetentionRatio: 0.75
orgMembersAllowedAccess: false
vm:
endpoint: unix:///var/run/docker.sock
docker:
tls:
enabled: false
ca:
file: docker/ca.crt
cert:
file: docker/tls.crt
key:
file: docker/tls.key
attachStdout: false
hostConfig:
NetworkMode: host
Dns:
# - 192.168.0.1
LogConfig:
Type: json-file
Config:
max-size: "50m"
max-file: "5"
Memory: 2147483648
chaincode:
id:
path:
name:
builder: $(DOCKER_NS)/fabric-ccenv:$(TWO_DIGIT_VERSION)
pull: false
golang:
runtime: $(DOCKER_NS)/fabric-baseos:$(TWO_DIGIT_VERSION)
dynamicLink: false
java:
runtime: $(DOCKER_NS)/fabric-javaenv:$(TWO_DIGIT_VERSION)
node:
runtime: $(DOCKER_NS)/fabric-nodeenv:$(TWO_DIGIT_VERSION)
externalBuilders: []
installTimeout: 300s
startuptimeout: 300s
executetimeout: 30s
mode: net
keepalive: 0
system:
_lifecycle: enable
cscc: enable
lscc: enable
escc: enable
vscc: enable
qscc: enable
logging:
level: info
shim: warning
format: "%{color}%{time:2006-01-02 15:04:05.000 MST} [%{module}] %{shortfunc} -> %{level:.4s} %{id:03x}%{color:reset} %{message}"
ledger:
blockchain:
state:
stateDatabase: CouchDB
totalQueryLimit: 100000
couchDBConfig:
couchDBAddress: couchdb.regulator.com:5984
username: <username>
password: <password>
maxRetries: 3
maxRetriesOnStartup: 20
requestTimeout: 35s
internalQueryLimit: 1000
maxBatchUpdateSize: 1000
warmIndexesAfterNBlocks: 1
createGlobalChangesDB: false
history:
enableHistoryDatabase: true
pvtdataStore:
collElgProcMaxDbBatchSize: 5000
collElgProcDbBatchesInterval: 1000
operations:
listenAddress: 127.0.0.1:9443
tls:
enabled: false
cert:
file:
key:
file:
clientAuthRequired: false
clientRootCAs:
files: []
metrics:
provider: disabled
statsd:
network: udp
address: 127.0.0.1:8125
writeInterval: 10s
prefix:
configtx.yaml
Capabilities:
Application: &ApplicationCapabilities
V2_0: true
Orderer: &OrdererCapabilities
V2_0: true
Channel: &ChannelCapabilities
V2_0: true
Organizations:
- &Orderer
Name: Orderer
ID: OrdererMSP
MSPDir: ./crypto-config/ordererOrganizations/regulator.com/msp
Policies: &OrdererPolicies
Readers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Writers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Admins:
Type: Signature
Rule: "OR('OrdererMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('OrdererMSP.member')"
- &Regulator
Name: Regulator
ID: RegulatorMSP
MSPDir: ./crypto-config/peerOrganizations/regulator.com/msp
Policies: &RegulatorPolicies
Readers:
Type: Signature
Rule: "OR('RegulatorMSP.member')"
Writers:
Type: Signature
Rule: "OR('RegulatorMSP.member')"
Admins:
Type: Signature
Rule: "OR('RegulatorMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('RegulatorMSP.member')"
AnchorPeers:
- Host: peer.regulator.com
Port: 7051
- &Broker
Name: Broker
ID: BrokerMSP
MSPDir: ./crypto-config/peerOrganizations/broker.com/msp
Policies: &BrokerPolicies
Readers:
Type: Signature
Rule: "OR('BrokerMSP.member')"
Writers:
Type: Signature
Rule: "OR('BrokerMSP.member')"
Admins:
Type: Signature
Rule: "OR('BrokerMSP.member')"
Endorsement:
Type: Signature
Rule: "OR('BrokerMSP.member')"
AnchorPeers:
- Host: peer.broker.com
Port: 7051
Orderer: &OrdererDefaults
OrdererType: solo
Addresses:
- orderer.regulator.com:7050
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "ANY Admins"
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
BatchTimeout: 2s
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 98 MB
PreferredMaxBytes: 512 KB
Capabilities:
<<: *OrdererCapabilities
Application: &ApplicationDefaults
ACLs: &ACLsDefault
lscc/ChaincodeExists: /Channel/Application/Readers
lscc/GetDeploymentSpec: /Channel/Application/Readers
lscc/GetChaincodeData: /Channel/Application/Readers
lscc/GetInstantiatedChaincodes: /Channel/Application/Readers
qscc/GetChainInfo: /Channel/Application/Readers
qscc/GetBlockByNumber: /Channel/Application/Readers
qscc/GetBlockByHash: /Channel/Application/Readers
qscc/GetTransactionByID: /Channel/Application/Readers
qscc/GetBlockByTxID: /Channel/Application/Readers
cscc/GetConfigBlock: /Channel/Application/Readers
cscc/GetConfigTree: /Channel/Application/Readers
cscc/SimulateConfigTreeUpdate: /Channel/Application/Readers
peer/Propose: /Channel/Application/Writers
peer/ChaincodeToChaincode: /Channel/Application/Readers
event/Block: /Channel/Application/Readers
event/FilteredBlock: /Channel/Application/Readers
_lifecycle/CheckCommitReadiness: /Channel/Application/Writers
_lifecycle/CommitChaincodeDefinition: /Channel/Application/Writers
_lifecycle/QueryChaincodeDefinition: /Channel/Application/Readers
Policies: &ApplicationDefaultPolicies
Endorsement:
Type: ImplicitMeta
Rule: "ANY Endorsement"
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "ANY Admins"
LifecycleEndorsement:
Type: ImplicitMeta
Rule: "ANY Endorsement"
Organizations:
Capabilities:
<<: *ApplicationCapabilities
Channel: &ChannelDefaults
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "ANY Admins"
Capabilities:
<<: *ChannelCapabilities
Profiles:
CompOrdererGenesis:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- <<: *Orderer
Consortiums:
CompConsortium:
Organizations:
- <<: *Regulator
- <<: *Broker
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *Regulator
- <<: *Broker
CompChannel:
<<: *ChannelDefaults
Consortium: CompConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *Broker
- <<: *Regulator
crypto-config.yaml
OrdererOrgs:
- Name: Orderer
Domain: regulator.com
EnableNodeOUs: true
Specs:
- Hostname: orderer
PeerOrgs:
- Name: Regulator
Domain: regulator.com
EnableNodeOUs: true
Specs:
- Hostname: peer.regulator.com
CommonName: peer.regulator.com
Users:
Count: 1
- Name: Broker
Domain: broker.com
EnableNodeOUs: true
Specs:
- Hostname: peer.broker.com
CommonName: peer.broker.com
Users:
Count: 1
docker-compose-base.yaml
version: "2"
networks:
comp:
volumes:
data-orderer.regulator.com:
data-peer.regulator.com:
data-peer.broker.com:
couchdb-data-regulator:
driver: local
couchdb-data-broker:
driver: local
services:
couchdb.regulator.com:
container_name: couchdb.regulator.com
image: couchdb:latest
environment:
- COUCHDB_USER=<username>
- COUCHDB_PASSWORD=<password>
ports:
- 5984:5984
volumes:
- couchdb-data-regulator:/opt/couchdb/data
networks:
- comp
couchdb.broker.com:
container_name: couchdb.broker.com
image: couchdb:latest
environment:
- COUCHDB_USER=<username>
- COUCHDB_PASSWORD=<password>
ports:
- 6984:5984
volumes:
- couchdb-data-broker:/opt/couchdb/data
networks:
- comp
orderer.regulator.com:
container_name: orderer.regulator.com
image: hyperledger/fabric-orderer:latest
command: orderer
environment:
- FABRIC_CFG_PATH=/var/hyperledger/config
- FABRIC_LOGGING_SPEC=DEBUG
volumes:
- ${PWD}/config/orderer:/var/hyperledger/config
- ${PWD}/config/crypto-config/ordererOrganizations/regulator.com/orderers/orderer.regulator.com/msp:/var/hyperledger/msp
- ${PWD}/config/crypto-config/ordererOrganizations/regulator.com/orderers/orderer.regulator.com/tls:/var/hyperledger/tls
- data-orderer.regulator.com:/var/ledger
ports:
- 7050:7050
networks:
- comp
peer.regulator.com:
container_name: peer.regulator.com
image: hyperledger/fabric-peer:latest
environment:
- FABRIC_CFG_PATH=/var/hyperledger/config
- FABRIC_LOGGING_SPEC=DEBUG
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=${COMPOSE_PROJECT_NAME}_net
- CORE_LEDGER_STATE_STATEDATABASE=CouchDB
- CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb.regulator.com:5984
- CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=<username>
- CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=<password>
command: [sh, -c, "sleep 10 && peer node start"]
volumes:
- ${PWD}/config/regulator:/var/hyperledger/config
- ${PWD}/config/crypto-config/peerOrganizations/regulator.com/peers/peer.regulator.com/msp:/var/hyperledger/msp
- ${PWD}/config/crypto-config/peerOrganizations/regulator.com/peers/peer.regulator.com/tls:/var/hyperledger/tls
- /var/run/:/var/run/
- data-peer.regulator.com:/var/hyperledger/production
depends_on:
- orderer.regulator.com
- couchdb.regulator.com
ports:
- 7051:7051
- 7052:7052
networks:
- comp
links:
- couchdb.regulator.com
peer.broker.com:
container_name: peer.broker.com
image: hyperledger/fabric-peer:latest
environment:
- FABRIC_CFG_PATH=/var/hyperledger/config
- FABRIC_LOGGING_SPEC=DEBUG
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=${COMPOSE_PROJECT_NAME}_net
- CORE_LEDGER_STATE_STATEDATABASE=CouchDB
- CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb.broker.com:6984
- CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=<username>
- CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=<password>
command: [sh, -c, "sleep 10 && peer node start"]
volumes:
- ${PWD}/config/regulator:/var/hyperledger/config
- ${PWD}/config/crypto-config/peerOrganizations/broker.com/peers/peer.broker.com/msp:/var/hyperledger/msp
- ${PWD}/config/crypto-config/peerOrganizations/broker.com/peers/peer.broker.com/tls:/var/hyperledger/tls
- /var/run/:/var/run/
- data-peer.broker.com:/var/hyperledger/production
depends_on:
- orderer.regulator.com
- couchdb.broker.com
ports:
- 8051:7051
- 8052:7052
networks:
- comp
links:
- couchdb.broker.com
extra_hosts:
- "couchdb.broker.com:<machines_ip>" # this one was due to some DNS resolution shenanigans
I hope somebody can help me solve this issue, cause I think I'm loosing sanity by the moment.

Turns out that I just made a goof. When you look at the docker-compose-base.yaml file under the services > peer.broker.com > volumes section, I messed up the config folder path, so both peers were running on the same configuration, but with different certificates, and that caused the discrepancy in peer authentication.

I am using the hyperledger fabric network using the basic network from fabric sample. Basic network consist of one orderer and one peer. I have install the fab car chain code in network and join the channel.Please suggest me how to add Endorsement policy to chaincode, Below are command i used to initiate the chain code
1. peer chaincode install -n fabcar -p github.com/ -v 1.1
2. peer chaincode instantiate -o orderer.example.com:7050 -C mychannel -c '{"Args":[]}' -n fabcar -v 1.1 -P "OR('Org1MSP.peer','Org1MSP.admin','Org1MSP.member')"
I am using the fabric sdk for query the fabcar it works well. But if i try to invoke chaincode its give me error stating
Failed to submit transaction: Error: No endorsement plan available for {"chaincodes":[{"name":"fabcar"}]}
config Tx
Organizations:
# SampleOrg defines an MSP using the sampleconfig. It should never be used
# in production but may be used as a template for other definitions
- &OrdererOrg
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: OrdererOrg
# ID to load the MSP definition as
ID: OrdererMSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/ordererOrganizations/example.com/msp
- &Org1
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org1MSP
# ID to load the MSP definition as
ID: Org1MSP
MSPDir: crypto-config/peerOrganizations/org1.example.com/msp
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org1.example.com
Port: 7051
Application: &ApplicationDefaults
# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start
# Available types are "solo" and "kafka"
OrdererType: solo
Addresses:
- orderer.example.com:7050
# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block
BatchSize:
# Max Message Count: The maximum number of messages to permit in a batch
MaxMessageCount: 10
# Absolute Max Bytes: The absolute maximum number of bytes allowed for
# the serialized messages in a batch.
AbsoluteMaxBytes: 99 MB
# Preferred Max Bytes: The preferred maximum number of bytes allowed for
# the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.
PreferredMaxBytes: 512 KB
Kafka:
# Brokers: A list of Kafka brokers to which the orderer connects
# NOTE: Use IP:port notation
Brokers:
- 127.0.0.1:9092
# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:
Profiles:
OneOrgOrdererGenesis:
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *Org1
OneOrgChannel:
Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *Org1
crypto-config
OrdererOrgs:
# ---------------------------------------------------------------------------
# Orderer
# ---------------------------------------------------------------------------
- Name: Orderer
Domain: example.com
# ---------------------------------------------------------------------------
# "Specs" - See PeerOrgs below for complete description
# ---------------------------------------------------------------------------
Specs:
- Hostname: orderer
PeerOrgs:
# ---------------------------------------------------------------------------
# Org1
# ---------------------------------------------------------------------------
- Name: Org1
Domain: org1.example.com
Template:
Count: 1
Users:
Count: 1
Invoke function
async function Invoke(userwallet,usename,channelName,chaincodeName) {
try {
// Create a new file system based wallet for managing identities.
const walletPath = path.join(process.cwd(), 'wallet');
const wallet = new FileSystemWallet(walletPath);
console.log(`Wallet path: ${walletPath}`);
// Check to see if we've already enrolled the user.
const userExists = await wallet.exists(userwallet);
if (!userExists) {
console.log('An identity for the user "user1" does not exist in the wallet');
console.log('Run the registerUser.js application before retrying');
return;
}
// Create a new gateway for connecting to our peer node.
const gateway = new Gateway();
await gateway.connect(ccp, { wallet, identity: usename, discovery: { enabled: true, asLocalhost: true} });
// Get the network (channel) our contract is deployed to.
const network = await gateway.getNetwork(channelName);
// Get the contract from the network.
const contract = network.getContract(chaincodeName);
// Submit the specified transaction.
// createCar transaction - requires 5 argument, ex: ('createCar', 'CAR12', 'Honda', 'Accord', 'Black', 'Tom')
// changeCarOwner transaction - requires 2 args , ex: ('changeCarOwner', 'CAR10', 'Dave')
await contract.submitTransaction('createCar','CAR12', 'Honda', 'Accord', 'Black', 'Tom');
//await contract.submitTransaction('changeCarOwner', 'CAR10', 'Dave');
console.log('Transaction has been submitted');
// Disconnect from the gateway.
await gateway.disconnect();
} catch (error) {
console.error(`Failed to submit transaction: ${error}`);
process.exit(1);
}
}
module.exports.Invoke = Invoke

It is weird, Let's do some trial and error
Try to make changes in the below snippet. This removes the policy do not worry a default policy will be applicable
peer chaincode instantiate -o orderer.example.com:7050 -C mychannel -c '{"Args":[]}' -n fabcar -v 1.1

I have 3 organisation with 6 peer and i have created the channel transaction, even i can query the fabcar chaincode from fabric node client. But when i use the farbic sdk node to submit the transcation it give me error
Failed to submit transaction: Error: Endorsement has failed
I am using the below code for submitting the transcation
async function Invoke(userwallet,usename,channelName,chaincodeName) {
try {
// Create a new file system based wallet for managing identities.
const walletPath = path.join(process.cwd(), 'wallet');
const wallet = new FileSystemWallet(walletPath);
console.log(`Wallet path: ${walletPath}`);
// Check to see if we've already enrolled the user.
const userExists = await wallet.exists(userwallet);
if (!userExists) {
console.log('An identity for the user "user1" does not exist in the wallet');
console.log('Run the registerUser.js application before retrying');
return;
}
// Create a new gateway for connecting to our peer node.
const gateway = new Gateway();
await gateway.connect(ccp, { wallet, identity: usename, discovery: { enabled: true } });
// Get the network (channel) our contract is deployed to.
const network = await gateway.getNetwork(channelName);
// Get the contract from the network.
const contract = network.getContract(chaincodeName);
// Submit the specified transaction.
// createCar transaction - requires 5 argument, ex: ('createCar', 'CAR12', 'Honda', 'Accord', 'Black', 'Tom')
// changeCarOwner transaction - requires 2 args , ex: ('changeCarOwner', 'CAR10', 'Dave')
// await contract.submitTransaction('CAR12', 'Honda', 'Accord', 'Black', 'Tom');
await contract.createTransaction('createCar').submit('CAR22', 'Honda', 'Accord', 'Black', 'Tom')
//await contract.submitTransaction('changeCarOwner', 'CAR10', 'Dave');
console.log('Transaction has been submitted');
// Disconnect from the gateway.
await gateway.disconnect();
} catch (error) {
console.error(`Failed to submit transaction: ${error}`);
process.exit(1);
}
}
configTx
Organizations:
- &OrdererOrg
Name: OrdererOrg
# ID to load the MSP definition as
ID: OrdererMSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/ordererOrganizations/example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Writers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Admins:
Type: Signature
Rule: "OR('OrdererMSP.admin')"
- &Org1
Name: Org1MSP
# ID to load the MSP definition as
ID: Org1MSP
MSPDir: crypto-config/peerOrganizations/org1.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Org1MSP.admin', 'Org1MSP.peer', 'Org1MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org1MSP.admin', 'Org1MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org1MSP.admin')"
# leave this flag set to true.
AnchorPeers:
- Host: peer1.org1.example.com
Port: 7051
- &Org2
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org2MSP
# ID to load the MSP definition as
ID: Org2MSP
MSPDir: crypto-config/peerOrganizations/org2.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Org2MSP.admin', 'Org2MSP.peer', 'Org2MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org2MSP.admin', 'Org2MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org2MSP.admin')"
AnchorPeers:
- Host: peer1.org2.example.com
Port: 7051
- &Org3
Name: Org3MSP
# ID to load the MSP definition as
ID: Org3MSP
MSPDir: crypto-config/peerOrganizations/org3.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Org3MSP.admin', 'Org3MSP.peer', 'Org3MSP.client' , 'Org3MSP.member')"
Writers:
Type: Signature
Rule: "OR('Org3MSP.admin', 'Org3MSP.client', 'Org3MSP.member')"
Admins:
Type: Signature
Rule: "OR('Org3MSP.admin')"
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer1.org3.example.com
Port: 7051
Capabilities:
Channel: &ChannelCapabilities
V1_4_3: true
V1_3: false
V1_1: false
Orderer: &OrdererCapabilities
V1_4_2: true
V1_1: false
Application: &ApplicationCapabilities
V1_4_2: true
V1_3: false
V1_2: false
V1_1: false
Application: &ApplicationDefaults
ACLs: &ACLsDefault
#---Lifecycle System Chaincode (lscc) function to policy mapping for access control---#
#ACL policy for lscc's "getid" function
lscc/ChaincodeExists: /Channel/Application/Readers
#ACL policy for lscc's "getdepspec" function
lscc/GetDeploymentSpec: /Channel/Application/Readers
#ACL policy for lscc's "getccdata" function
lscc/GetChaincodeData: /Channel/Application/Readers
#---Query System Chaincode (qscc) function to policy mapping for access control---#
#ACL policy for qscc's "GetChainInfo" function
qscc/GetChainInfo: /Channel/Application/Readers
#ACL policy for qscc's "GetBlockByNumber" function
qscc/GetBlockByNumber: /Channel/Application/Readers
#ACL policy for qscc's "GetBlockByHash" function
qscc/GetBlockByHash: /Channel/Application/Readers
#ACL policy for qscc's "GetTransactionByID" function
qscc/GetTransactionByID: /Channel/Application/Readers
#ACL policy for qscc's "GetBlockByTxID" function
qscc/GetBlockByTxID: /Channel/Application/Readers
#---Configuration System Chaincode (cscc) function to policy mapping for access control---#
#ACL policy for cscc's "GetConfigBlock" function
cscc/GetConfigBlock: /Channel/Application/Readers
#ACL policy for cscc's "GetConfigTree" function
cscc/GetConfigTree: /Channel/Application/Readers
#ACL policy for cscc's "SimulateConfigTreeUpdate" function
cscc/SimulateConfigTreeUpdate: /Channel/Application/Writers
#---Miscellanesous peer function to policy mapping for access control---#
#ACL policy for invoking chaincodes on peer
peer/Proposal: /Channel/Application/Writers
#ACL policy for chaincode to chaincode invocation
peer/ChaincodeToChaincode: /Channel/Application/Readers
#---Events resource to policy mapping for access control###---#
#ACL policy for sending block events
event/Block: /Channel/Application/Readers
#ACL policy for sending filtered block events
event/FilteredBlock: /Channel/Application/Readers
# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Application policies, their canonical path is
# /Channel/Application/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Org1MemberPolicy:
Type: Signature
Rule: "OR('Org1MSP.member')"
Org2MemberPolicy:
Type: Signature
Rule: "OR('Org2MSP.member')"
Org1Org2MemberPolicy:
Type: Signature
Rule: "OR('Org1MSP.member','Org2MSP.member')"
Capabilities:
<<: *ApplicationCapabilities
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start
# Available types are "solo","kafka" and "etcdraft"
OrdererType: etcdraft
Addresses:
- orderer.example.com:7050
# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block
BatchSize:
# Max Message Count: The maximum number of messages to permit in a batch
MaxMessageCount: 10
# Absolute Max Bytes: The absolute maximum number of bytes allowed for
# the serialized messages in a batch.
AbsoluteMaxBytes: 99 MB
# Preferred Max Bytes: The preferred maximum number of bytes allowed for
# the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.
PreferredMaxBytes: 512 KB
Kafka:
# Brokers: A list of Kafka brokers to which the orderer connects
# NOTE: Use IP:port notation
Brokers:
- 127.0.0.1:9092
# EtcdRaft defines configuration which must be set when the "etcdraft"
# orderertype is chosen.
EtcdRaft:
# The set of Raft replicas for this network. For the etcd/raft-based
# implementation, we expect every replica to also be an OSN. Therefore,
# a subset of the host:port items enumerated in this list should be
# replicated under the Orderer.Addresses key above.
Consenters:
- Host: orderer.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt
# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Orderer policies, their canonical path is
# /Channel/Orderer/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# BlockValidation specifies what signatures must be included in the block
# from the orderer for the peer to validate it.
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
Channel: &ChannelDefaults
# Policies defines the set of policies at this level of the config tree
# For Channel policies, their canonical path is
# /Channel/<PolicyName>
Policies:
# Who may invoke the 'Deliver' API
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
# Who may invoke the 'Broadcast' API
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
# By default, who may modify elements at this config level
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ChannelCapabilities
Profiles:
ThreeOrgsOrdererGenesis:
<<: *ChannelDefaults
Application:
<<: *ApplicationDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Capabilities:
<<: *OrdererCapabilities
Consortiums:
SampleConsortium:
Organizations:
- *Org1
- *Org2
- *Org3
ChannelAll:
Consortium: SampleConsortium
<<: *ChannelDefaults
Application:
<<: *ApplicationDefaults
Organizations:
- *Org1
- *Org2
- *Org3
Capabilities:
<<: *ApplicationCapabilities
Channel12:
Consortium: SampleConsortium
<<: *ChannelDefaults
Application:
<<: *ApplicationDefaults
Organizations:
- *Org1
- *Org2
Capabilities:
<<: *ApplicationCapabilities

#fama Try to use below-corrected configtx.yaml, I guess the problem with the policy
As you enabled identity classification so make sure you enable NodeOU's
- &Org1
Name: Org1MSP
# ID to load the MSP definition as
ID: Org1MSP
MSPDir: crypto-config/peerOrganizations/org1.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Org1MSP.member')"
Writers:
Type: Signature
Rule: "OR('Org1MSP.member')"
Admins:
Type: Signature
Rule: "OR('Org1MSP.admin')"
# leave this flag set to true.
AnchorPeers:
- Host: peer1.org1.example.com
Port: 7051
- &Org2
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org2MSP
# ID to load the MSP definition as
ID: Org2MSP
MSPDir: crypto-config/peerOrganizations/org2.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Org2MSP.member')"
Writers:
Type: Signature
Rule: "OR('Org2MSP.member')"
Admins:
Type: Signature
Rule: "OR('Org2MSP.admin')"
AnchorPeers:
- Host: peer1.org2.example.com
Port: 7051
- &Org3
Name: Org3MSP
# ID to load the MSP definition as
ID: Org3MSP
MSPDir: crypto-config/peerOrganizations/org3.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Org3MSP.member')"
Writers:
Type: Signature
Rule: "OR('Org3MSP.member')"
Admins:
Type: Signature
Rule: "OR('Org3MSP.admin')"
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer1.org3.example.com
Port: 7051

I am trying to enforce simple endorsement policy for 2 org network. Here is my crypto-config.yaml
OrdererOrgs:
- Name: Orderer
Domain: example.com
Specs:
- Hostname: orderer
PeerOrgs:
- Name: Org1
Domain: org1.example.com
EnableNodeOUs: true
# CA:
# OrganizationalUnit: peer
Template:
Count: 1
Users:
Count: 1
- Name: Org2
Domain: org2.example.com
EnableNodeOUs: true
# CA:
# OrganizationalUnit: peer
Template:
Count: 1
Users:
Count: 1
And i can see OU as peer in both peers.
peer0.org2.example.com
Identity: peer0.org2.example.com
Verified by: ca.org2.example.com
Expires: Saturday 23 December 2028
Subject Name
C (Country): US
ST (State): California
L (Locality): San Francisco
OU (Organizational Unit): peer
CN (Common Name): peer0.org2.example.com
endorsement policy for member check works
peer chaincode instantiate -o orderer.example.com:7050 -C mychannel -n chaincode -l node -v v0 -c '{"args":["init"]}' -P "AND('Org1MSP.member', 'Org2MSP.member')"
but endorsement policy for peer check not working
peer chaincode instantiate -o orderer.example.com:7050 -C mychannel -n chaincode -l node -v v0 -c '{"args":["init"]}' -P "AND('Org1MSP.peer', 'Org2MSP.peer')"
When i invoke any function.
Transaction failed to be committed to the ledger due to ::ENDORSEMENT_POLICY_FAILURE
even "OR('Org1MSP.peer', 'Org2MSP.peer')" not working

PeerOrgs:
- Name: Org1
Domain: org1.example.com
EnableNodeOUs: true
# CA:
# OrganizationalUnit: peer
Template:
Count: 1
Users:
Count: 1
......... TEMPLATE COUNT s/b changed to 2 as there are now 2 Orgs

I have been trying to get going on using the SDK to invoke a function from an installed chaincode, but I have ran into an issue, which I am struggling to resolve.
The javascript program I built was a mix of the test/integration/client.js file and the fabcar/invoke.js. When I run the script though, I am getting the following error when running the transaction proposal:
error: [client-utils.js]: sendPeersProposal - Promise is rejected: Error: Failed to deserialize creator identity, err The supplied identity is not valid, Verify() returned x509: certificate signed by unknown authority
I know my issue is due to not using the right certificate, but I don't know where I am not using that correct certificate. I created the crypto-config directory using the following script:
../src/github.com/hyperledger/fabric/build//bin/cryptogen generate --config=./crypto-config.yaml
../src/github.com/hyperledger/fabric/build//bin/configtxgen --profile OrdererGenesis -outputBlock ./channel-artifacts/genesis.block
../src/github.com/hyperledger/fabric/build//bin/configtxgen --profile Channel --outputCreateChannelTx ./channel-artifacts/channel.tx -channelID $CHANNEL_NAME
../src/github.com/hyperledger/fabric/build//bin/configtxgen --profile Channel -outputAnchorPeersUpdate ./channel-artifacts/CorpMSPanchors.tx -channelID $CHANNEL_NAME -asOrg CorpMSP
../src/github.com/hyperledger/fabric/build//bin/configtxgen --profile Channel -outputAnchorPeersUpdate ./channel-artifacts/EngMSPanchors.tx -channelID $CHANNEL_NAME -asOrg EngMSP
Here is the code where I add my peer and my channel:
let data = fs.readFileSync(network[org].peers['peer1']['tls_cacerts']);
var peer = client.newPeer(
network[org].peers['peer1'].requests,
{
pem: Buffer.from(data).toString(),
'ssl-target-name-override': network[org].peers['peer1']['server-hostname']
});
console.log("- Peer set up, setting up channel");
channel = client.newChannel(utils.getConfigSetting('channelName'));
channel.addPeer(peer);
data = fs.readFileSync(network.orderer['tls_cacerts']);
channel.addOrderer(client.newOrderer(network.orderer['url']), {
pem: Buffer.from(data).toString(),
'ssl-target-name-override': network.orderer['server-hostname']
});
target.push(peer);
and here is the configuration of my network:
{
"tmpdir": "/tmp/hfc_test_kvs",
"channelName" : "mychannel",
"chaincodeId" : "blockparty",
"network-config": {
"orderer": {
"url": "grpcs://orderer.example.com:7050",
"server-hostname": "orderer.example.com",
"tls_cacerts": "./crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem"
},
"org1": {
"name": "Corp",
"mspid": "CorpMSP",
"username": "Admin",
"peers": {
"peer1": {
"requests": "grpcs://peer0.corp.example.com:7051",
"events": "grpcs://peer0.corp.example.com:7053",
"server-hostname": "peer0.corp.example.com",
"tls_cacerts": "./crypto-config/peerOrganizations/corp.example.com/peers/peer0.corp.example.com/tls/server.crt"
},
"admin": {
"key": "./crypto-config/peerOrganizations/corp.example.com/users/Admin#corp.example.com/msp/keystore",
"cert": "./crypto-config/peerOrganizations/corp.example.com/users/Admin#corp.example.com/msp/signcerts"
}
},
As requested, here are some snippets of my crypto-config.yaml:
OrdererOrgs:
- Name: Orderer
Domain: example.com
Specs:
- Hostname: orderer
PeerOrgs:
- Name: Corp
Domain: corp.example.com
Specs:
- Hostname: peer0
- Hostname: peer1
- Hostname: peer2
Users:
Count: 1
and my configtx.yaml:
Profiles:
OrdererGenesis:
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *Corp
- *Eng
Channel:
Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *Corp
- *Eng
################################################################################
#
# Section: Organizations
#
# - This section defines the different organizational identities which will
# be referenced later in the configuration.
#
################################################################################
Organizations:
# SampleOrg defines an MSP using the sampleconfig. It should never be used
# in production but may be used as a template for other definitions
- &OrdererOrg
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: OrdererOrg
# ID to load the MSP definition as
ID: OrdererMSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/ordererOrganizations/example.com/msp
- &Corp
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: CorpMSP
# ID to load the MSP definition as
ID: CorpMSP
MSPDir: crypto-config/peerOrganizations/corp.example.com/msp
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.corp.example.com
Port: 7051
Any thoughts on which certificate I am supposed to use to properly submit the transaction proposal and then the transaction? I am not using a ca-server and I am not using the docker containers either. The environment works as I am able to invoke the chaincode using peer chaincode invoke command, so I know it works, but I am not sure which certificate, I am supposed to use in the client.newPeer and the client.newChannel functions.
Thanks a lot for reading,
Bertrand.

I think you will need a certificate for client Admin. Preferably signed by either corp.example.com or peer#.corp.example.com. The certificate chain for corp.example.com is already present in the your MSPDir/ca folder. So that should do the trick.