Chaincode Invoke, Error: unknown flag: --tlsRootCertFiLes - hyperledger-fabric

I am trying to invoke my chain code using command taken from hyperledger tutorial:
peer chaincode invoke -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n basic --peerAddresses localhost:7051 --tlsRootCertFiles ${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt --peerAddresses localhost:9051 --tlsRootCertFiles ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt -c '{"function":"InitLedger","Args":[]}'
But I get the error that flag is unknown, also error message shows it is known - existed flag. I am so confused.
Error: unknown flag: --tlsRootCertFiLes
Usage:
peer chaincode invoke [flags]
Flags:
-C, --channelID string The channel on which this command should be executed
--connectionProfile string Connection profile that provides the necessary connection information for the network. Note: currently only supported for providing peer connection information
-c, --ctor string Constructor message for the chaincode in JSON format (default "{}")
-h, --help help for invoke
-I, --isInit Is this invocation for init (useful for supporting legacy chaincodes in the new lifecycle)
-n, --name string Name of the chaincode
--peerAddresses stringArray The addresses of the peers to connect to
--tlsRootCertFiles stringArray If TLS is enabled, the paths to the TLS root cert files of the peers to connect to. The order and number of certs specified should match the --peerAddresses flag
--waitForEvent Whether to wait for the event from each peer's deliver filtered service signifying that the 'invoke' transaction has been committed successfully
--waitForEventTimeout duration Time to wait for the event from each peer's deliver filtered service signifying that the 'invoke' transaction has been committed successfully (default 30s)
Global Flags:
--cafile string Path to file containing PEM-encoded trusted certificate(s) for the ordering endpoint
--certfile string Path to file containing PEM-encoded X509 public key to use for mutual TLS communication with the orderer endpoint
--clientauth Use mutual TLS when communicating with the orderer endpoint
--connTimeout duration Timeout for client to connect (default 3s)
--keyfile string Path to file containing PEM-encoded private key to use for mutual TLS communication with the orderer endpoint
-o, --orderer string Ordering service endpoint
--ordererTLSHostnameOverride string The hostname override to use when validating the TLS connection to the orderer
--tls Use TLS when communicating with the orderer endpoint
--tlsHandshakeTimeShift duration The amount of time to shift backwards for certificate expiration checks during TLS handshakes with the orderer endpoint
--transient string Transient map of arguments in JSON encoding
My related path variables:
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="Org1MSP"
export CORE_PEER_TLS_ROOTCERT_FILE=/home/vagrant/fabric-samples/test-network/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tl$
export CORE_PEER_MSPCONFIGPATH=/home/vagrant/fabric-samples/test-network/organizations/peerOrganizations/org1.example.com/users/Admin#org1.example.com/msp
export CORE_PEER_ADDRESS=localhost:7051

This error does seem strange.
Is it possible that you are using an older version of Hyperledger Fabric that does not support multiple endorsing nodes? (I'm referencing this old post.)
Have you tested this with an endorsement policy that only requires a single peer node? (In that case, you could leave out the --tlsRootCertFiLes from your command, since you already provided it as an environmental variable.
Lastly, did you set your FABRIC_CFG_PATH variable? (e.g. export FABRIC_CFG_PATH=$PWD/../config/ )

Related

Getting the following error- "Chaincode definition approved on peer0.org1 on channel 'mychannel' failed Deploying chaincode failed"

While running the following command, I'm getting the above error.
Command:
./network.sh deployCC -ccn basic -ccp ../asset-transfer-basic/chaincode-go -ccl go
More details:
Query installed successful on peer0.org1 on channel
Using organization 1
+ peer lifecycle chaincode approveformyorg -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile /home/haritam/fabric-samples/test-network/organizations/ordererOrganizations/example.com/tlsca/tlsca.example.com-cert.pem --channelID mychannel --name basic --version 1.0 --package-id
Perform chaincode operations:
'package|install|queryinstalled|getinstalledpackage|approveformyorg|queryapproved|checkcommitreadiness|commit|querycommitted'
Usage:
peer lifecycle chaincode '[command]'
Available Commands:
approveformyorg Approve the chaincode definition for my org.
checkcommitreadiness Check whether a chaincode definition is ready to be committed on a channel.
commit Commit the chaincode definition on the channel. getinstalledpackage Get an installed chaincode package from a peer. install Install a chaincode.
package Package a chaincode
queryapproved Query an 'org'\''s' approved chaincode definition from its peer.
querycommitted Query the committed chaincode definitions by channel on a peer.
queryinstalled Query the installed chaincodes on a peer.
Flags:
--cafile string Path to file containing PEM-encoded trusted 'certificate(s)' for the ordering endpoint
--certfile string Path to file containing PEM-encoded X509 public key to use for mutual TLS communication with the orderer endpoint
--clientauth Use mutual TLS when communicating with the orderer endpoint
--connTimeout duration Timeout for client to connect '(default' '3s)'
-h, --help help for chaincode
--keyfile string Path to file containing PEM-encoded private key to use for mutual TLS communication with the orderer endpoint
-o, --orderer string Ordering service endpoint
--ordererTLSHostnameOverride string The hostname override to use when validating the TLS connection to the orderer
--tls Use TLS when communicating with the orderer endpoint
--tlsHandshakeTimeShift duration The amount of time to shift backwards for certificate expiration checks during TLS handshakes with the orderer endpoint
Use '"peer' lifecycle chaincode '[command]' '--help"' for more information about a command. --sequence 1
+ res=1
Error: invalid argument "duration" for "--connTimeout" flag: time: invalid duration duration
Usage:
peer lifecycle chaincode approveformyorg [flags]
Flags:
--channel-config-policy string The endorsement policy associated to this chaincode specified as a channel config policy reference
-C, --channelID string The channel on which this command should be executed
--collections-config string The fully qualified path to the collection JSON file including the file name
--connectionProfile string The fully qualified path to the connection profile that provides the necessary connection information for the network. Note: currently only supported for providing peer connection information
-E, --endorsement-plugin string The name of the endorsement plugin to be used for this chaincode
-h, --help help for approveformyorg
--init-required Whether the chaincode requires invoking 'init'
-n, --name string Name of the chaincode
--package-id string The identifier of the chaincode install package
--peerAddresses stringArray The addresses of the peers to connect to
--sequence int The sequence number of the chaincode definition for the channel
--signature-policy string The endorsement policy associated to this chaincode specified as a signature policy
--tlsRootCertFiles stringArray If TLS is enabled, the paths to the TLS root cert files of the peers to connect to. The order and number of certs specified should match the --peerAddresses flag
-V, --validation-plugin string The name of the validation plugin to be used for this chaincode
-v, --version string Version of the chaincode
--waitForEvent Whether to wait for the event from each peer's deliver filtered service signifying that the transaction has been committed successfully (default true)
--waitForEventTimeout duration Time to wait for the event from each peer's deliver filtered service signifying that the 'invoke' transaction has been committed successfully (default 30s)
Global Flags:
--cafile string Path to file containing PEM-encoded trusted certificate(s) for the ordering endpoint
--certfile string Path to file containing PEM-encoded X509 public key to use for mutual TLS communication with the orderer endpoint
--clientauth Use mutual TLS when communicating with the orderer endpoint
--connTimeout duration Timeout for client to connect (default 3s)
--keyfile string Path to file containing PEM-encoded private key to use for mutual TLS communication with the orderer endpoint
-o, --orderer string Ordering service endpoint
--ordererTLSHostnameOverride string The hostname override to use when validating the TLS connection to the orderer
--tls Use TLS when communicating with the orderer endpoint
--tlsHandshakeTimeShift duration The amount of time to shift backwards for certificate expiration checks during TLS handshakes with the orderer endpoint
Chaincode definition approved on peer0.org1 on channel 'mychannel' failed
Deploying chaincode failed
Was trying to deploy a chaincode on mychannel while following the documentation tutorial.
https://hyperledger-fabric.readthedocs.io/en/latest/test_network.html

Hyperledger: The required parameter 'sequence' is empty. Rerun the command with --sequence flag

I'm trying out the NFT Auction repo at https://github.com/hyperledger-labs/nft-auction
I get the error
Error: The required parameter 'sequence' is empty. Rerun the command with --sequence flag
Finished vendoring Go dependencies
Skipping Chaincode packaging and installing...
Using organization org1
Installed chaincodes on peer:
Query installed successful on peer0.org1 on channel
Using organization org1
Error: The required parameter 'sequence' is empty. Rerun the command with --sequence flag
Usage:
peer lifecycle chaincode approveformyorg [flags]
Flags:
--channel-config-policy string The endorsement policy associated to this chaincode specified as a channel config policy reference
-C, --channelID string The channel on which this command should be executed
--collections-config string The fully qualified path to the collection JSON file including the file name
--connectionProfile string The fully qualified path to the connection profile that provides the necessary connection information for the network. Note: currently only supported for providing peer connection information
-E, --endorsement-plugin string The name of the endorsement plugin to be used for this chaincode
-h, --help help for approveformyorg
--init-required Whether the chaincode requires invoking 'init'
-n, --name string Name of the chaincode
--package-id string The identifier of the chaincode install package
--peerAddresses stringArray The addresses of the peers to connect to
--sequence int The sequence number of the chaincode definition for the channel
--signature-policy string The endorsement policy associated to this chaincode specified as a signature policy
--tlsRootCertFiles stringArray If TLS is enabled, the paths to the TLS root cert files of the peers to connect to. The order and number of certs specified should match the --peerAddresses flag
-V, --validation-plugin string The name of the validation plugin to be used for this chaincode
-v, --version string Version of the chaincode
--waitForEvent Whether to wait for the event from each peer's deliver filtered service signifying that the transaction has been committed successfully (default true)
--waitForEventTimeout duration Time to wait for the event from each peer's deliver filtered service signifying that the 'invoke' transaction has been committed successfully (default 30s)
Global Flags:
--cafile string Path to file containing PEM-encoded trusted certificate(s) for the ordering endpoint
--certfile string Path to file containing PEM-encoded X509 public key to use for mutual TLS communication with the orderer endpoint
--clientauth Use mutual TLS when communicating with the orderer endpoint
--connTimeout duration Timeout for client to connect (default 3s)
--keyfile string Path to file containing PEM-encoded private key to use for mutual TLS communication with the orderer endpoint
-o, --orderer string Ordering service endpoint
--ordererTLSHostnameOverride string The hostname override to use when validating the TLS connection to the orderer
--tls Use TLS when communicating with the orderer endpoint
--tlsHandshakeTimeShift duration The amount of time to shift backwards for certificate expiration checks during TLS handshakes with the orderer endpoint
Chaincode definition approved on peer0.org1 on channel 'defaultchannel' failed
Deploying chaincode failed
Tried looking at the Issues tab of the repo
You must pass a --sequence number to the command. The first time the chaincode is deployed it should be set to '1', and then increment from there.
For example:
peer lifecycle chaincode approveformyorg -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --channelID mychannel --name basic --version 1.0 --package-id $CC_PACKAGE_ID --sequence 1 --tls --cafile "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem"
See the full example at https://hyperledger-fabric.readthedocs.io/en/latest/deploy_chaincode.html#approve-a-chaincode-definition.

Hyperledger Fabric: TLS handshake failed with error tls

I have set up a network with raft ordering service (5 orderers), 2 orgs and one peer each, the TLS and client authentication are both enabled. I have created the channel and joined it successfully, but I am getting TLS handshake failed error when updating the anchor peer from cli to orderer, and I am not able to create a second channel for the same error. Besides this TLS error why I was able to create the first channel I am very confused, surely incorrect configs causing that.
CLI Commands:
export ORDERER_CA=crypto/ordererOrganizations/example.com/tlsca/ca-chain.pem
export CLIENT_KEY_FILE=crypto/peerOrganizations/org1.example.com/users/Admin#org1.example.com/tls/client.key
export CLIENT_CERT_FILE=crypto/peerOrganizations/org1.example.com/users/Admin#org1.example.com/tls/client.pem
*Worked: peer channel create -o orderer0.example.com:7050 -c mychannel -f ./channel-artifacts/channel.tx --tls --cafile $ORDERER_CA --clientauth --keyfile $CLIENT_KEY_FILE --certfile $CLIENT_CERT_FILE
*Worked: peer channel join -b muchannel.block
*FAILED: peer channel update -o orderer0.example.com:7050 -c mychannel -f ./channel-artifacts/anchors_channel.tx --tls --cafile $ORDERER_CA --clientauth --keyfile $CLIENT_KEY_FILE --certfile $CLIENT_CERT_FILE
CLI yaml config:
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.pem
- CORE_PEER_TLS_KEY_FILE=crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=crypto/peerOrganizations/org1.example.com/tlsca/ca-chain.pem
- CORE_PEER_TLS_CLIENTAUTHREQUIRED=true
- CORE_PEER_TLS_CLIENTCERT_FILE=crypto/peerOrganizations/org1.example.com/users/Admin#org1.example.com/tls/client.pem
- CORE_PEER_TLS_CLIENTKEY_FILE=crypto/peerOrganizations/org1.example.com/users/Admin#org1.example.com/tls/client.key
Orderer yaml config:
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=crypto/ordererOrganizations/example.com/orderers/orderer0.example.com/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=crypto/ordererOrganizations/example.com/orderers/orderer0.example.com/tls/server.pem
- ORDERER_GENERAL_TLS_ROOTCAS=[crypto/ordererOrganizations/example.com/tls/ca-chain.pem]
- ORDERER_GENERAL_TLS_CLIENTAUTHREQUIRED=true
- ORDERER_GENERAL_TLS_CLIENTROOTCAS=[crypto/ordererOrganizations/example.com/tlsca/ca-chain.pem,crypto/peerOrganizations/org1.example.com/tlsca/ca-chain.pem,crypto/peerOrganizations/org2.example.com/tlsca/ca-chain.pem]
Try running the command with following environment in your CLI container:
export CORE_PEER_ADDRESS=orderer.example.com:7050
export CORE_PEER_LOCALMSPID=OrdererMSP
export CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/users/Admin#example.com/msp
export CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/tls/ca.crt
export ORDERER_CA=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt
export CHANNEL_NAME=mychannel
This is because issuing channel update transaction requires updating the channel configuration file, which according to your present policies, must be signed by an Orderer Organization admin.

Hyperledger-Fabric Error adding an organization to an existing channel

I am getting an error when following the tutorial for adding an new organization in the channel .
The command I typed is
./eyfn.sh up
The output below is the error I got.
+ res=1
+ set +x
+ peer channel join -b mychannel.block
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/peers/peer0.org3.example.com/tls/ca.crt
CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/peers/peer0.org3.example.com/tls/server.key
CORE_PEER_LOCALMSPID=Org3MSP
CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/peers/peer0.org3.example.com/tls/server.crt
CORE_PEER_TLS_ENABLED=true
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/users/Admin#org3.example.com/msp
CORE_PEER_ID=Org3cli
CORE_LOGGING_LEVEL=INFO
CORE_PEER_ADDRESS=peer0.org3.example.com:7051
2018-06-19 22:08:40.019 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized
Error: proposal failed (err: rpc error: code = Unknown desc = chaincode error (status: 500, message: Cannot create ledger from genesis block, due to LedgerID already exists))
Usage:
peer channel join [flags]
Flags:
-b, --blockpath string Path to file containing genesis block
Global Flags:
--cafile string Path to file containing PEM-encoded trusted certificate(s) for the ordering endpoint
--certfile string Path to file containing PEM-encoded X509 public key to use for mutual TLS communication with the orderer endpoint
--clientauth Use mutual TLS when communicating with the orderer endpoint
--keyfile string Path to file containing PEM-encoded private key to use for mutual TLS communication with the orderer endpoint
--logging-level string Default logging level and overrides, see core.yaml for full syntax
-o, --orderer string Ordering service endpoint
--ordererTLSHostnameOverride string The hostname override to use when validating the TLS connection to the orderer.
--tls Use TLS when communicating with the orderer endpoint
-v, --version Display current version of fabric peer server
peer0.org3 failed to join the channel, Retry after 3 seconds
Specifically the error in the outputs seems to be this,
Error: proposal failed (err: rpc error: code = Unknown desc = chaincode error (status: 500, message: Cannot create ledger from genesis block, due to LedgerID already exists))
I am following instructions from the http://hyperledger-fabric.readthedocs.io/en/release-1.1/channel_update_tutorial.html.
Any guidance seem to be helpful.
Run this command
./byfn.sh -m down
And then run
./eyfn.sh up
Hope this help!

Error invoking chaincode "Error: unknown flag: --peerAddresses" Hyperledger Fabric first-network tutorial

I have been roughly following http://hyperledger-fabric.readthedocs.io/en/latest/build_network.html#troubleshoot to create my first network, and have executed steps involving installing, istantiating, querying a chaincode. However, I get the following error while invoking chaincode.
root#5a0be253ef6e:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode invoke -o orderer.example.com:7050 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C testhimani123456 -n mycc --peerAddresses peer0.org1.example.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt --peerAddresses peer0.org2.example.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt -c '{"Args":["invoke","a","b","10"]}'
Error: unknown flag: --peerAddresses
Usage:
peer chaincode invoke [flags]
Flags:
-C, --channelID string The channel on which this command should be executed
-c, --ctor string Constructor message for the chaincode in JSON format (default "{}")
-n, --name string Name of the chaincode
Global Flags:
--cafile string Path to file containing PEM-encoded trusted certificate(s) for the ordering endpoint
--certfile string Path to file containing PEM-encoded X509 public key to use for mutual TLS communication with the orderer endpoint
--clientauth Use mutual TLS when communicating with the orderer endpoint
--keyfile string Path to file containing PEM-encoded private key to use for mutual TLS communication with the orderer endpoint
--logging-level string Default logging level and overrides, see core.yaml for full syntax
-o, --orderer string Ordering service endpoint
--ordererTLSHostnameOverride string The hostname override to use when validating the TLS connection to the orderer.
--tls Use TLS when communicating with the orderer endpoint
--transient string Transient map of arguments in JSON encoding
-v, --version Display current version of fabric peer server
I have ignored the part concerning environment variables. I was confused as to where to include it. I tried adding the fields that were absent in docker-compose-base.yaml file, but it gave me errors while running docker exec -it cli bash command, saying that there is no container for cli. So i decided to go with the original file, completely ignoring the step.
(finally know how to use this) Actually found the solution thanks to a friend.
The "peer chaincode invoke " doesn't have the flag "peerAddresses". The code given on the Hyperledger fabric tutorial documentation might be outdated or incorrect.
This can be seen in the Reference documentation : https://hyperledger-fabric.readthedocs.io/en/release-1.1/commands/peerchaincode.html
So removing peerAddresses and writing something like this might solve the error.
peer chaincode invoke -o orderer.example.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C $CHANNEL_NAME -n mycc -c '{"Args":["invoke","a","b","10"]}'
Problem was resolved by changing chaincode instantiation by changing "and" to "or".
Since I had skipped the environment variables step, default was peer0.org1 (i.e. org1MSP). Nothing was set for org2MSP. Thus it was in no position to award permissions in the first place.
peer chaincode instantiate -o orderer.example.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C $CHANNEL_NAME -n mycc -v 1.0 -c '{"Args":["init","a", "100", "b","200"]}' -P "OR ('Org1MSP.peer','Org2MSP.peer')"

Resources