Channel creation fails in Hyperledger Fabric (without Docker) - hyperledger-fabric

I'm having some troubles creating a channel in Hyperledger Fabric v1.4.3 without the use of Docker. I could succesfully generate keys, certs, genesis block and the various artifacts by simply executing cryptogen and configtxgen, then start orderer and peer. However, when I try to create a channel with command
peer channel create -c mychannel -o 127.0.0.1:7050
it fails due to "BAD_REQUEST -- error validating channel creation transaction for new channel 'mychannel', could not succesfully apply update to template configuration: error authorizing update: error validating Readset: existing config does not contain element for [Group] /Channel/application/SampleOrg but was in the read set.
Below the list of commands (executed from fabric-samples/first-network directory):
# cryptogen generate --config=./crypto-config.yaml
# export FABRIC_CFG_PATH=$PWD
# mkdir channel-artifacts
# configtxgen -profile TwoOrgsOrdererGenesis -channelID byfn-sys-channel -outputBlock ./channel-artifacts/genesis.block
# export CHANNEL_NAME=mychannel
# configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID $CHANNEL_NAME
# configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org1MSPanchors.tx -channelID $CHANNEL_NAME -asOrg Org1MSP
# configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org2MSPanchors.tx -channelID $CHANNEL_NAME -asOrg Org2MSP
# sudo mkdir -p /var/hyperledger/production
# sudo chown -R $(whoami):$(whoami) /var/hyperledger
# orderer start
# export set FABRIC_CFG_PATH=$HOME/fabric-samples/config
# peer node start >> peerlog.log 2>&1 &
# peer channel create -o 127.0.0.1:7050 -c $CHANNEL_NAME -f ./channel-artifacts/channel.tx
This is the output of the the peer terminal, after the attempt of the channel creation:
2019-10-01 12:51:11.955 CEST [ChannelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized
Error: got unexpected status: BAD_REQUEST -- error validating channel creation transaction for new channel 'mychannel', could not succesfully apply update to template configuration: error authorizing update: error validating ReadSet: existing config does not contain element for [Group]
/Channel/Application/Org1MSP but was in the read set
In the orderer terminal, subsequently:
2019-10-01 12:51:11.958 CEST [orderer.common.broadcast] ProcessMessage -> WARN 015 [channel: mychannel] Rejecting broadcast of config message from 127.0.0.1:48526 because of error: error validating channel creation transaction for new channel 'mychannel', could not successfully apply update to template configuration: error authorizing update: error validating ReadSet: existing config does not contain element for [Group]
/Channel/Application/Org1MSP but was in the read set
2019-10-01 12:51:11.958 CEST [comm.grpc.server] 1 -> INFO016 streaming call completed grpc.service=orderer.AtomicBroadcast grpc.method=Broadcast grpc.peer_address=127.0.0.1:48526 grpc.code=OK grpc.call_duration=1.14698ms
2019-10-01 12:51:11.961 CEST [comm.deliver] Handle ->WARN017 Error reading from 127.0.0.1:48524: rpc error: code = Canceled desc = context canceled
2019-10-01 12:51:11.961 CEST [comm.grpc.server] 1 -> INFO 018 streaming call completed grpc.service=orderer.AtomicBroadcast grpc.method=Deliver grpc.peer_address=127.0.0.1:48524 error="rpc error: code = Canceled desc = context canceled" grpc.code=Canceled grpc.call_duration=5.834477ms
Any help would be appreciated, I've tried all the solutions I've found online. Thank you in advance.
Edit
This is what I modified in orderer.yaml:
LocalMSPDir: /home/rfiorini/fabric-samples/first-network/crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/msp
This is what I modified in core.yaml:
mspConfigPath: /home/rfiorini/fabric-samples/first-network/crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp

Related

Restore Back up From Hyperledger Fabric v2.0

https://www.devprovider.com/how-to-take-backup-from-hyperledger-fabric/
https://www.devprovider.com/how-to-restore-hyperledger-fabric-from-backup/
I follow this 2 tutorials for back up and restore my Blockchain,I did everything the same except:
Make back up:
1:
cp –r crypto-config/ backup/
On my own its organizations folder:
test-network/organizations$ ls
ccp-generate.sh ccp-template.json ccp-template.yaml cryptogen fabric-ca ordererOrganizations peerOrganizations
And then:
./network down for restore on next steps
2:
I need to sudo cp instead of cp, cause else cant copy .key files, after that, i run chown too for set my profile as owner
Restore Back up:
1:
cd backup/ && cp -r * ../ && cd ../
Change it by sudo cp ... and do it on 2 steps(its same that creating back up)
2:
./byfn.sh up
I havent that script, but tutorial said:
Previously the network was started using ./byfn.sh up command. Use the same command
$ ./byfn.sh up
or if the network was started using a different script, use it. You’ll notice the peers will automatically join the channel created previously before the network is brought down. The ledger data will be restored and the number of blocks will resume from where the previous network left off.
So i use
./network.sh up createChannel -c mychannel -ca for create my channel
as i always did, it get me errors:
output:
Creating channel 'mychannel'.
If network is not up, starting nodes with CLI timeout of '5' tries and CLI delay of '3' seconds and using database 'leveldb
Generating channel create transaction 'mychannel.tx'
+ configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/mychannel.tx -channelID mychannel
2021-03-30 09:53:34.546 CEST [common.tools.configtxgen] main -> INFO 001 Loading configuration
2021-03-30 09:53:34.560 CEST [common.tools.configtxgen.localconfig] Load -> INFO 002 Loaded configuration: /home/luis/Escritorio/Bchain/asset-Prueba/test-network/configtx/configtx.yaml
2021-03-30 09:53:34.560 CEST [common.tools.configtxgen] doOutputChannelCreateTx -> INFO 003 Generating new channel configtx
2021-03-30 09:53:34.562 CEST [common.tools.configtxgen] doOutputChannelCreateTx -> INFO 004 Writing new channel tx
+ res=0
Creating channel mychannel
Using organization 1
+ peer channel create -o localhost:7050 -c mychannel --ordererTLSHostnameOverride orderer.example.com -f ./channel-artifacts/mychannel.tx --outputBlock ./channel-artifacts/mychannel.block --tls --cafile /home/luis/Escritorio/Bchain/asset-Prueba/test-network/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
+ res=1
+ peer channel create -o localhost:7050 -c mychannel --ordererTLSHostnameOverride orderer.example.com -f ./channel-artifacts/mychannel.tx --outputBlock ./channel-artifacts/mychannel.block --tls --cafile /home/luis/Escritorio/Bchain/asset-Prueba/test-network/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
+ res=1
+ peer channel create -o localhost:7050 -c mychannel --ordererTLSHostnameOverride orderer.example.com -f ./channel-artifacts/mychannel.tx --outputBlock ./channel-artifacts/mychannel.block --tls --cafile /home/luis/Escritorio/Bchain/asset-Prueba/test-network/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
+ res=1
+ peer channel create -o localhost:7050 -c mychannel --ordererTLSHostnameOverride orderer.example.com -f ./channel-artifacts/mychannel.tx --outputBlock ./channel-artifacts/mychannel.block --tls --cafile /home/luis/Escritorio/Bchain/asset-Prueba/test-network/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
+ res=1
Error: failed to create deliver client for orderer: orderer client failed to connect to localhost:7050: failed to create new connection: connection error: desc = "transport: error while dialing: dial tcp 127.0.0.1:7050: connect: connection refused"
edit 1:
As you said i think im doing all well, then, i can start network with ./network up, and do it correctly
output:
./network.sh up
Starting nodes with CLI timeout of '5' tries and CLI delay of '3' seconds and using database 'leveldb' with crypto from 'cryptogen'
LOCAL_VERSION=2.2.1
DOCKER_IMAGE_VERSION=2.2.1
/home/luis/Escritorio/Bchain/asset-Prueba/test-network/../bin/cryptogen
Generating certificates using cryptogen tool
Creating Org1 Identities
+ cryptogen generate --config=./organizations/cryptogen/crypto-config-org1.yaml --output=organizations
org1.example.com
+ res=0
Creating Org2 Identities
+ cryptogen generate --config=./organizations/cryptogen/crypto-config-org2.yaml --output=organizations
org2.example.com
+ res=0
Creating Orderer Org Identities
+ cryptogen generate --config=./organizations/cryptogen/crypto-config-orderer.yaml --output=organizations
+ res=0
Generating CCP files for Org1 and Org2
/home/luis/Escritorio/Bchain/asset-Prueba/test-network/../bin/configtxgen
Generating Orderer Genesis block
+ configtxgen -profile TwoOrgsOrdererGenesis -channelID system-channel -outputBlock ./system-genesis-block/genesis.block
2021-03-31 08:50:54.035 CEST [common.tools.configtxgen] main -> INFO 001 Loading configuration
2021-03-31 08:50:54.047 CEST [common.tools.configtxgen.localconfig] completeInitialization -> INFO 002 orderer type: etcdraft
2021-03-31 08:50:54.047 CEST [common.tools.configtxgen.localconfig] completeInitialization -> INFO 003 Orderer.EtcdRaft.Options unset, setting to tick_interval:"500ms" election_tick:10 heartbeat_tick:1 max_inflight_blocks:5 snapshot_interval_size:16777216
2021-03-31 08:50:54.047 CEST [common.tools.configtxgen.localconfig] Load -> INFO 004 Loaded configuration: /home/luis/Escritorio/Bchain/asset-Prueba/test-network/configtx/configtx.yaml
2021-03-31 08:50:54.048 CEST [common.tools.configtxgen] doOutputBlock -> INFO 005 Generating genesis block
2021-03-31 08:50:54.049 CEST [common.tools.configtxgen] doOutputBlock -> INFO 006 Writing genesis block
+ res=0
Creating network "net_test" with the default driver
Creating volume "net_orderer.example.com" with default driver
Creating volume "net_peer0.org1.example.com" with default driver
Creating volume "net_peer0.org2.example.com" with default driver
Creating orderer.example.com ... done
Creating peer0.org2.example.com ... done
Creating peer0.org1.example.com ... done
Creating cli ... done
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a4ad5fed6957 hyperledger/fabric-ccenv:2.2 "/bin/sh -c '\nset -e…" 1 second ago Created epic_lichterman
64d6650eb7f1 hyperledger/fabric-ccenv:2.2 "/bin/sh -c '\nset -e…" 1 second ago Created kind_chaplygin
c9fe6c8f20f4 hyperledger/fabric-tools:latest "/bin/bash" 1 second ago Up Less than a second cli
1f20728228a3 hyperledger/fabric-peer:latest "peer node start" 3 seconds ago Up Less than a second 0.0.0.0:7051->7051/tcp peer0.org1.example.com
7732b7cd55d7 hyperledger/fabric-orderer:latest "orderer" 3 seconds ago Up Less than a second 0.0.0.0:7050->7050/tcp orderer.example.com
4a2c0207f3d2 hyperledger/fabric-peer:latest "peer node start" 3 seconds ago Up Less than a second 7051/tcp, 0.0.0.0:9051->9051/tcp peer0.org2.example.com
Then, i should can invoke orderer,not?
But when i try:
peer chaincode invoke -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n basic --peerAddresses localhost:7051 --tlsRootCertFiles ${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt --peerAddresses localhost:9051 --tlsRootCertFiles ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt -c '{"function":"getAllAssets","Args":[]}'
output:
Error: error endorsing invoke: rpc error: code = Unknown desc = error validating proposal: access denied: channel [mychannel] creator org [Org1MSP] - proposal response: <nil>
Then orderer go down
Thanks for support
any ideas?
edit 2:
more info:
docker ps -a
...
32ba6c3ff55d hyperledger/fabric-orderer:latest "orderer" About a minute ago Exited (2) 28 seconds ago orderer.example.com
My orderer go down 1 min after i get up it
according to your describe,in the tourial ,fabric version is v1.4.X,and the fabric you now use is v2.x.x,so in v1.4.x the test script is byfn.sh and in v2.x.x the test script is network.sh,these two scripts are different.
if you want to backup a fabric network and restore,you need just backup crypto-config(organizations in v2.x.x),ledger data which obtain from /var/hyperledger/fabric of docker container,and start your orderer and peer container ,you need not create channel or join channel ,you can query and invoke chaincode.
I have answer another question about restore fabric network,you can reference it In Hyperledger Fabric, is there a way to reuse the data of previous network?
--------------new answer-------------------------------
if you exec you peer chaincode invoke command in terminal,you should add this env,and you can invoke success.
## ebable tls
export CORE_PEER_TLS_ENABLED=true
#MSP ID
export CORE_PEER_LOCALMSPID="Org1MSP"
#ca.crt of peer0.org1.example.com , you should change it to absolute path
export CORE_PEER_TLS_ROOTCERT_FILE=crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
#msp of peer0.org1.example.com,you should change it to absolute path
export CORE_PEER_MSPCONFIGPATH=crypto-config/peerOrganizations/org1.example.com/users/Admin#org1.example.com/msp
#peer address,
export CORE_PEER_ADDRESS=localhost:7051

Error loading MSP configuration for org Org1MSP

I am facing a problem while creating the channel in HyperLedger Fabric Blockchain
ubuntu#Raghav:/mnt/c/fabric-samples/test-network$ ./network.sh createChannel
Creating channel 'mychannel'.
If network is not up, starting nodes with CLI timeout of '5' tries and CLI delay of '3' seconds and using database 'leveldb
Generating channel create transaction 'mychannel.tx'
configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/mychannel.tx -channelID mychannel
The logs are the following ones:
2020-10-17 12:16:23.571 IST [common.tools.configtxgen] main -> INFO 001 Loading configuration
2020-10-17 12:16:23.651 IST [common.tools.configtxgen.localconfig] Load -> INFO 002 Loaded configuration: /mnt/c/fabric-samples/test-network/configtx/configtx.yaml
2020-10-17 12:16:23.651 IST [common.tools.configtxgen] doOutputChannelCreateTx -> INFO 003 Generating new channel configtx
2020-10-17 12:16:23.668 IST [common.tools.configtxgen] main -> FATA 004 Error on outputChannelCreateTx: could not generate default config template: error parsing configuration: could not create application group: failed to create application org: 1 - Error loading MSP configuration for org Org1MSP: could not load a valid ca certificate from directory /mnt/c/fabric-samples/test-network/organizations/peerOrganizations/org1.example.com/msp/cacerts: stat /mnt/c/fabric-samples/test-network/organizations/peerOrganizations/org1.example.com/msp/cacerts: no such file or directory
+ res=1
Failed to generate channel configuration transaction...
Create channel failed

Hyperledger Fabric network - using JAVA sdk - ERROR while creating channel

Environment:
MacOS : 10.13.6
Golang : 1.11.8
Hyperledger Fabric : 1.4
Java : 1.8
Description:
I try to run an official JavaSDK Fabric app example.
I can deploy and run the app normally with the default configuration.
Then I make some changes in configtx.yaml (just some rules about generating blocks) and generate the binary tool configtxgen, then I use:
./configtxgen -profile TwoOrgsOrdererGenesis -outputBlock genesis.block
./configtxgen -profile TwoOrgsChannel -outputCreateChannelTx channel.tx -channelID mychannel
commands to regenerate channel.tx and genesis.block.
I use these new files to start the fabric network, and follow the steps of this page, but I get the following error while creating channel:
*org.hyperledger.fabric.sdk.exception.TransactionException: Channel mychannel, send transaction failed on orderer OrdererClient{id: 4, channel: mychannel, name: orderer.example.com, url: grpc://localhost:7050}. Reason: Channel mychannel orderer orderer.example.com status returned failure code 400 (BAD_REQUEST) during orderer next
Caused by: org.hyperledger.fabric.sdk.exception.TransactionException: Channel mychannel orderer orderer.example.com status returned failure code 400 (BAD_REQUEST) during orderer next*
The logs of orderer container say:
2020-08-26 10:25:33.469 UTC [orderer.common.broadcast] ProcessMessage -> WARN 009 [channel: mychannel] Rejecting broadcast of config message from 192.168.0.1:56440 because of error: error validating channel creation transaction for new channel 'mychannel', could not succesfully apply update to template configuration: error authorizing update: error validating DeltaSet: attempted to set key [Value] /Channel/Application/Org1MSP/AnchorPeers to version 1, but key does not exist
Anyone know the solution?
You have to update your Anchor peers too like they said on script.
cryptogen generate --config=./crypto-config.yaml
mkdir config
configtxgen -profile TwoOrgsOrdererGenesis -outputBlock ./config/genesis.block
configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./config/channel.tx -channelID mychannel
configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./config/Org1MSPanchors.tx -channelID $CHANNEL_NAME -asOrg Org1MSP
configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./config/Org2MSPanchors.tx -channelID $CHANNEL_NAME -asOrg Org2MSP
You can find details on build.sh script and have to uncomment out those lines.

hyperledger : error creating a Channel Configuration Transaction

I have been following this link : http://hyperledger-fabric.readthedocs.io/en/latest/build_network.html#troubleshoot for starting my first network, using byfn.sh file, and have executed all steps till
export CHANNEL_NAME=mychannel && ../bin/configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID $CHANNEL_NAME
The error that I am getting is:
himani#himani-HP-Notebook:~/fabric-samples/first-network$ export CHANNEL_NAME=mychannelthis && ../bin/configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID $CHANNEL_NAME2018-06-07 11:42:00.552 IST [common/tools/configtxgen] main -> INFO 001 Loading configuration
2018-06-07 11:42:00.560 IST [common/tools/configtxgen] doOutputChannelCreateTx -> INFO 002 Generating new channel configtx
2018-06-07 11:42:00.560 IST [msp] getMspConfig -> INFO 003 Loading NodeOUs
2018-06-07 11:42:00.561 IST [msp] getMspConfig -> INFO 004 Loading NodeOUs
2018-06-07 11:42:00.579 IST [common/tools/configtxgen] main -> CRIT 005 Error on outputChannelCreateTx: config update generation failure: could not parse application to application group: setting up the MSP manager failed: the supplied identity is not valid: x509: certificate signed by unknown authority (possibly because of "x509: ECDSA verification failure" while trying to verify candidate authority certificate "ca.org1.example.com")
I have tried variations of the command,
export CHANNEL_NAME=mychannelanother && ../bin/configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID $CHANNEL_NAME
export CHANNEL_NAME=mychannelanother && ../bin/configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID $mychannelanother
export CHANNEL_NAME=mychannel && ../bin/configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID $mychannel
I even tried creating a channel without using byfn.sh file, but got a different error
himani#himani-HP-Notebook:~/fabric-samples/first-network$ peer channel create -o orderer.example.com:7050 -c mychannel -f ./channel-artifacts/channel.tx --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
No command 'peer' found, did you mean:
Command 'pear' from package 'php-pear' (main)
Command 'pee' from package 'moreutils' (universe)
Command 'peet' from package 'pipexec' (universe)
Command 'beer' from package 'gerstensaft' (universe)
peer: command not found
himani#himani-HP-Notebook:~/fabric-samples/first-network$ peer channel create -o orderer.example.com:7050 -c mychannelthis -f ./channel-artifacts/channel.tx --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
No command 'peer' found, did you mean:
Command 'pear' from package 'php-pear' (main)
Command 'pee' from package 'moreutils' (universe)
Command 'beer' from package 'gerstensaft' (universe)
Command 'peet' from package 'pipexec' (universe)
peer: command not found
I modified the /home/himani/fabric-samples/first-network/crypto-config/ordererOrganizations/example.com/tlsca/tlsca.example.com-cert.pem doc by referring to this link : https://gerrit.hyperledger.org/r/#/c/18177/ , and executed the command again, but to no avail.
Are my certificates outdated? Where can I find the right ones? Is the issue something else?
UPDATE:
After referring to a solution provided to a similar problem, Hyperledger Fabric v1.1.0 byfn tutorial on Ubuntu 16.04, I brought down my network and tried to clean up artifacts but I couldn't execute those commands. Channel artifacts folder is empty.
I couldn't execute those commands
This command is meant to add files in channel-artifacts folder, but for some reason the folder was not created automatically. On creating one, with adequate permissions, the command executed and genesis block was created.
I don't know if you have solved it or not, but there are some mistakes there.
himani#himani-HP-Notebook:~/fabric-samples/first-network$ export CHANNEL_NAME=mychannelthis && ../bin/configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID $CHANNEL_NAME2018-06-07 11:42:00.552 IST [common/tools/configtxgen] main -> INFO 001 Loading configuration
2018-06-07 11:42:00.560 IST [common/tools/configtxgen] doOutputChannelCreateTx -> INFO 002 Generating new channel configtx
2018-06-07 11:42:00.560 IST [msp] getMspConfig -> INFO 003 Loading NodeOUs
2018-06-07 11:42:00.561 IST [msp] getMspConfig -> INFO 004 Loading NodeOUs
2018-06-07 11:42:00.579 IST [common/tools/configtxgen] main -> CRIT 005 Error on outputChannelCreateTx: config update generation failure: could not parse application to application group: setting up the MSP manager failed: the supplied identity is not valid: x509: certificate signed by unknown authority (possibly because of "x509: ECDSA verification failure" while trying to verify candidate authority certificate "ca.org1.example.com")
if you are following the tutorial, CHANNEL_NAME should be mychannel.
for the 3rd variations, it should be like this
export CHANNEL_NAME=mychannel && ../bin/configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID $CHANNEL_NAME
for creating channel, peer channel create can only be send inside docker container.
If you are sending directly from command line, try this
docker exec -it yourCliContainerName peer channel create -o orderer.example.com:7050 -c mychannelthis -f ./channel-artifacts/channel.tx --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
but remember to start the container first.
hope this helps

Hyperledger Fabric v1.1.0 byfn tutorial on Ubuntu 16.04

root#sungil:~/fabric-samples/first-network# export CHANNEL_NAME=mychannel
root#sungil:~/fabric-samples/first-network# ../bin/configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID $CHANNEL_NAME
2018-03-19 13:11:51.489 KST [common/tools/configtxgen] main -> INFO 001 Loading configuration
2018-03-19 13:11:51.494 KST [common/tools/configtxgen] doOutputChannelCreateTx -> INFO 002 Generating new channel configtx
2018-03-19 13:11:51.495 KST [msp] getMspConfig -> INFO 003 Loading NodeOUs
2018-03-19 13:11:51.495 KST [msp] getMspConfig -> INFO 004 Loading NodeOUs
2018-03-19 13:11:51.510 KST [common/tools/configtxgen] main -> CRIT 005 Error on outputChannelCreateTx: config update generation failure: could not parse application to application group: setting up the MSP manager failed: the supplied identity is not valid: x509: certificate signed by unknown authority (possibly because of "x509: ECDSA verification failure" while trying to verify candidate authority certificate "ca.org2.example.com")
I installed hyperledger fabric v1.1.0-rc1 using byfn.sh.
(Reference:
http://hyperledger-fabric.readthedocs.io/en/lastest/build_network.html)
But I got some failure. It's Fabric CA problem?
[executed]
./byfn.sh -m generate
./byfn.sh -m up
../bin/cryptogen generate --config=./crypto-config.yaml
export FABRIC_CFG_PATH=$PWD
../bin/configtxgen -profile TwoOrgsOrdererGenesis -outputBlock ./channel-artifacts/genesis.block
export CHANNEL_NAME=mychannel
./bin/configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID $CHANNEL_NAME
my configtx.yaml is https://github.com/hyperledger/fabric-samples/blob/release-1.1/first-network/configtx.yaml
I faced a similar issue. What helped me was to start over.
Bring down the network: ./byfn.sh -m down
Clean up the generated artifacts
rm crypto-config
rm channel-artifacts
Then issue again the commands. This helped me, the channel.tx and other were successfully created. No need to change the configtx.yaml from the sample.
You don't have to delete files you just need to make sure that ./byfn.sh -m down was executed prior to steps in Crypto Generator section

Resources