Develop Reference

2022-09-21T11:36:52.296Z - error: [Channel.js]: Error: 14 UNAVAILABLE: failed to connect to all addresses

Help me please! I have hyperledger fabric network with configuration:
ca-tls
rca-org0
rca-org1
rca-org2
orderer1-org0 (solo)
peer1-org1
peer2-org1
peer1-org2
peer2-org2
I have this config.yaml file:
name: "Network"
version: "1.0"
channels:
mychannel:
orderers:
- orderer1-org0
peers:
peer1-org1:
endorsingPeer: true
chaincodeQuery: true
ledgerQuery: true
eventSource: true
discover: true
peer2-org1:
endorsingPeer: false
chaincodeQuery: true
ledgerQuery: true
eventSource: true
discover: false
peer1-org2:
endorsingPeer: true
chaincodeQuery: true
ledgerQuery: true
eventSource: true
discover: true
peer2-org2:
endorsingPeer: false
chaincodeQuery: true
ledgerQuery: true
eventSource: true
discover: false
organizations:
org0:
mspid: org0MSP
orderers:
- orderer1-org0
certificateAuthorities:
- rca-org0
adminPrivateKey:
path: path/to/org0/admin/msp/keystore/key.pem
signCert:
path: path/to/org0/admin/msp/signcerts/cert.pem
org1:
mspid: org1MSP
peers:
- peer1-org1
# - peer2-org1
certificateAuthorities:
- rca-org1
adminPrivateKey:
path: path/to/org1/admin/msp/keystore/key.pem
signedCert:
path: path/to/org1/admin/msp/signcerts/cert.pem
org2:
mspid: org2MSP
peers:
- peer1-org2
# - peer2-org2
certificateAuthorities:
- rca-org2
adminPrivateKey:
path: path/to/org2/admin/msp/keystore/key.pem
signedCert:
path: path/to/org2/admin/msp/signcerts/cert.pem
orderers:
orderer1-org0:
url: grpcs://orderer1-org0:7050
grpcOptions:
ssl-target-name-override: orderer1-org0
grpc-max-send-message-length: 4194304
tlsCACerts:
path: path/to/org0/msp/tlscacerts/tls-ca-cert.pem
peers:
peer1-org1:
url: grpcs://172.19.0.9:7051
grpcOptions:
ssl-target-name-override: peer1-org1
grpc.keepalive_time_ms: 600000
tlsCACerts:
path: path/to/org0/msp/tlscacerts/tls-ca-cert.pem
peer2-org1:
url: grpcs://172.19.0.9:7051
grpcOptions:
ssl-target-name-override: peer2-org1
grpc.keepalive_time_ms: 600000
tlsCACerts:
path: path/to/org0/msp/tlscacerts/tls-ca-cert.pem
peer1-org2:
url: grpcs://172.19.0.9:7051
grpcOptions:
ssl-target-name-override: peer1-org2
grpc.keepalive_time_ms: 600000
tlsCACerts:
path: path/to/org0/msp/tlscacerts/tls-ca-cert.pem
peer2-org2:
url: grpcs://172.19.0.9:7051
grpcOptions:
ssl-target-name-override: peer2-org2
grpc.keepalive_time_ms: 600000
tlsCACerts: path/to/org0/msp/tlscacerts/tls-ca-cert.pem
certificateAuthorities:
ca-tls:
url: https://0.0.0.0:7062
httpOptions:
verify: false
tlsCACerts:
path: path/to/org0/msp/tlscacerts/tls-ca-cert.pem
registrar:
- enrollId: tls-ca-admin
enrollSecret: tls-ca-adminpw
caName: ca-tls
rca-org0:
url: https://0.0.0.0:7063
httpOptions:
verify: false
tlsCACerts:
path: path/to/org0/msp/tlscacerts/tls-ca-cert.pem
registrar:
- enrollId: rca-org0-admin
enrollSecret: rca-org0-adminpw
caName: rca-org0
rca-org1:
url: https://0.0.0.0:7064
httpOptions:
verify: false
tlsCACerts:
path: path/to/org0/msp/tlscacerts/tls-ca-cert.pem
registrar:
- enrollId: rca-org1-admin
enrollSecret: rca-org1-adminpw
caName: rca-org1
rca-org2:
url: https://0.0.0.0:7065
httpOptions:
verify: false
tlsCACerts:
path: path/to/org0/msp/tlscacerts/tls-ca-cert.pem
registrar:
- enrollId: rca-org2-admin
enrollSecret: rca-org2-adminpw
caName: rca-org2
My API code below:
// create mychannel instance
let channel = new Channel('mychannel', client1);
// get certificates from couchdb wallet
let couchdbWallet = await Wallets.newCouchDBWallet("http://xxxxx:xxxxxxx#localhost:5984");
let user5 = await couchdbWallet.get('user5');
if (user5) {
let user5Cert = user5.credentials.certificate;
let user5Key = user5.credentials.privateKey;
let mspId = 'org1MSP';
await client1.initCredentialStores();
let cryptoSuite = client1.getCryptoSuite();
let keyObj = await cryptoSuite.importKey(user5Key);
let user5PubKey = keyObj._key.pubKeyHex;
let user5PrvKeyHex = keyObj._key.prvKeyHex;
let signer = new Signer(cryptoSuite, keyObj);
// create instance of signing identity
let signingIdentity = new SigningIdentity(
user5Cert,
user5PubKey,
'org1MSP',
cryptoSuite,
signer
);
// 1. generate unsigned transaction proposal
let transactionProposal = {
fcn: 'Mint',
args: ['1000'],
chaincodeId: 'token-erc-20',
channelId: 'mychannel'
}
let { proposal, txId } = await channel.generateUnsignedProposal(
transactionProposal,
mspId,
user5Cert,
true
);
console.log('*******proposal*****:\n', proposal);
console.log('*******Tx Id******\n', txId);
// now we have the 'unsigned proposal' for this tx
// 2. calculate the hash of the tx proposal bytes
let proposalBytes = proposal.toBuffer(); // the proposal comes from step 1
// 3. calculate the signature for this tx proposal
let signedProposal = signingIdentity.sign(proposalBytes);
console.log('********signedProposal********\n:', signedProposal);
// 4. send the signed tx proposal to peer(s)
let tlscaRootCert = readFileSync(tlscaRootCertPATH, { encoding: 'utf-8' });
console.log('tlscaRootCert: ', typeof tlscaRootCert);
let peer1org1 = client1.newPeer('grpcs://172.19.0.9:7051',
{
pem: tlscaRootCert,
}
);
let targets = new Array();
targets.push(peer1org1);
let sendSignedProposalReq = { signedProposal, targets };
let proposalResponses = await channel.sendSignedProposal(sendSignedProposalReq);
// check the proposal responces, if all good, commit the tx
// 5. similar to step 1, generate an unsigned tx
let commitReq = {
proposalResponses,
proposal,
};
let commitProposal = await channel.generateUnsignedTransaction(commitReq);
/// 6. similar to step 3, sign the unsigned tx with the user's private key
let commitProposalBytes = commitProposal.toBuffer();
let signedCommitProposal = signingIdentity.sign(commitProposalBytes);
// 7. commit the signed tx
let response = await channel.sendSignedTransaction({
signedTransaction: signedCommitProposal,
request: commitReq,
});
console.log('**********response from orderer after commit signed tx********\n', response);
// response.status should be 'SUCCESS' if the commit succeed
if (response.status === 'SUCCESS') {
// connect to event channel hub
let eventChannelHub = new ChannelEventHub(channel);
// 8. similar to step 1, generate an unsigned eventHub registration for the ChannelEventHub
let unsigneEvent = eventChannelHub.generateUnsignedRegistration({
certificate: user5Cert,
mspId
});
// 9. similar to step 3, sign the unsigned eventhub registration with the user's private key
let unsignEventBytes = unsigneEvent.toBuffer();
let signedEvent = signingIdentity.sign(unsignEventBytes);
// 10. register this ChannelEventHub at peer
let connectEventChannel = eventChannelHub.connect({ signedEvent });
console.log('***********connectEventChannel*********\n', connectEventChannel);
}
}
I try to submit transaction.
But every time I receive this error:
docker-compose.yaml logs
2022-09-21T11:36:52.296Z - error: [Channel.js]: Error: 14 UNAVAILABLE: failed to connect to all addresses
peer1-org1 container logs:
2022-09-21 11:25:08.606 UTC 0062 WARN [endorser] ProcessProposal -> Failed to preProcess proposal error="error validating proposal: access denied: channel [mychannel] creator org [org1MSP]"
2022-09-21 11:25:08.606 UTC 0063 INFO [comm.grpc.server] 1 -> unary call completed grpc.service=protos.Endorser grpc.method=ProcessProposal grpc.peer_address=172.19.0.1:59086 error="error validating proposal: access denied: channel [mychannel] creator org [org1MSP]" grpc.code=Unknown grpc.call_duration=15.47295ms
Also I receive this error now:
2022-09-21T13:01:10.858Z - error: [Channel.js]: sendTransaction - no valid endorsements found
How can I resolve this problem?

From peer logs, it seems like transaction submitter is not having access to the channel. Make sure the user identify is valid and the user's organization joined the channel. This error may come also if the MSP name given is wrong. MSP name is case sensitive.

What is needed to use 1 central certificate authority for all the organization on Hyperledger Fabric v1.4?

Based on Hyperldeger Fabric is created a network on which there are:1 orderer, 1 ca, 1 couchdb, 1 cli, 1 peer
Afterwards, is added a new org with: 1 peer, 1 couchdb and 1 cli
Until this stage there is no error. All the containers are running. Then is enrolled the ca admin. Still no problem. The admin is connected with no problem. I want to create admin for the new organization.
enrollandregisterNewAdmin.js
const gateway = new Gateway();
await gateway.connect(ccpPath, { wallet, identity: 'admin', discovery: { enabled: true, asLocalhost: true } });
const ca = gateway.getClient().getCertificateAuthority();
const adminIdentity = gateway.getCurrentIdentity();
const secret = await ca.register({
affiliation: 'org1.department1',
enrollmentID: 'adminOrg3',
role: 'client',
attrs: [ {"name": "hf.Registrar.Roles", "value": "client"},
{"name": "hf.Registrar.DelegateRoles", "value": "client"},
{"name": "hf.Revoker", "value": "true"},
{"name": "hf.IntermediateCA", "value": "true"},
{"name": "hf.GenCRL", "value": "true"},
{"name": "hf.AffiliationMgr", "value": "true"},
{"name": "hf.Registrar.Attributes", "value": "hf.Registrar.Roles,hf.Registrar.DelegateRoles,hf.Revoker,hf.IntermediateCA,hf.GenCRL,hf.Registrar.Attributes,hf.AffiliationMgr"} ] }
, adminIdentity);
const enrollment = await ca.enroll({ enrollmentID: 'adminOrg3', enrollmentSecret: secret});
const userIdentity = X509WalletMixin.createIdentity('Org3MSP', enrollment.certificate, enrollment.key.toBytes());
await wallet.import('adminOrg3', userIdentity);
Finally the certificates of 'adminOrg3' are imported to the wallet with no error. But when I am trying to invoke/query with the 'adminOrg3'. I receive this error:
[Channel.js]: Channel:byfn received discovery error:access denied
[Channel.js]: Error: Channel:byfn Discovery error:access denied
error: [Network]: _initializeInternalChannel: Unable to initialize channel. Attempted to contact 1 Peers. Last error was Error: Channel:byfn Discovery error:access denied
This is a common error when the wallet exists from a previous deployment. But the wallet is deleted each time the network is restarted.
docker logs peer0.org3.example.com
2021-02-22 10:21:09.588 UTC [cauthdsl] deduplicate -> ERRO 082 Principal deserialization failure (the supplied identity is not valid: x509: certificate signed by unknown authority) for identity 0
My config file for new org
docker-compose-org3.yaml
version: '2'
volumes:
peer0.org3.example.com:
networks:
byfn:
services:
peer0.org3.example.com:
container_name: peer0.org3.example.com
extends:
file: base/peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer0.org3.example.com
- CORE_PEER_ADDRESS=peer0.org3.example.com:11051
- CORE_PEER_LISTENADDRESS=0.0.0.0:11051
- CORE_PEER_CHAINCODEADDRESS=peer0.org3.example.com:11052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:11052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org3.example.com:11051
- CORE_PEER_LOCALMSPID=Org3MSP
volumes:
- /var/run/:/host/var/run/
- ./org3-artifacts/crypto-config/peerOrganizations/org3.example.com/peers/peer0.org3.example.com/msp:/etc/hyperledger/fabric/msp
- ./org3-artifacts/crypto-config/peerOrganizations/org3.example.com/peers/peer0.org3.example.com/tls:/etc/hyperledger/fabric/tls
- peer0.org3.example.com:/var/hyperledger/production
ports:
- 11051:11051
networks:
- byfn
Org3cli:
container_name: Org3cli
image: hyperledger/fabric-tools:$IMAGE_TAG
tty: true
stdin_open: true
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- FABRIC_LOGGING_SPEC=INFO
#- FABRIC_LOGGING_SPEC=DEBUG
- CORE_PEER_ID=Org3cli
- CORE_PEER_ADDRESS=peer0.org3.example.com:11051
- CORE_PEER_LOCALMSPID=Org3MSP
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/peers/peer0.org3.example.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/peers/peer0.org3.example.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/peers/peer0.org3.example.com/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/users/Admin#org3.example.com/msp
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- ./../chaincode/:/opt/gopath/src/github.com/chaincode
- ./org3-artifacts/crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- ./crypto-config/peerOrganizations/org1.example.com:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com
-./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/
depends_on:
- peer0.org3.example.com
networks:
- byfn
Is it possible under the same affiliation to exist different MSPs?
Is needed any change to the configuration files?

Just to clarify few things ...
did you add the new org on the channel before trying to connect with the new org user?
are you running the peers in docker containers and use volumes for the peer file system mapping? - It may happen that the peers still load the content of the old channels...
-Tsvetan

ECONNREFUSED error while setting up calipeer

I was setting up hyperledger caliper to test a fabcar network and got ECONNREFUFUSED error multiple times. It said that it failed to enroll admin.
I setup the test network using ./startFabric.sh javascript in fabcar repo of fabric-samples.
Then I used docker-compose to start caliper( used docker-compose up in caliper-benchmarks ).
This is the docker-compose file that I used:
version: '2'
services:
caliper:
container_name: caliper
image: hyperledger/caliper:0.3.2
command: launch master --caliper-flow-only-test --caliper-fabric-gateway-usegateway --caliper-fabric-gateway-discovery
environment:
- CALIPER_BIND_SUT=fabric:2.1.0
- CALIPER_BENCHCONFIG=benchmarks/samples/fabric/fabcar/config1.yaml
- CALIPER_NETWORKCONFIG=networks/fabric/network-config.yaml
volumes:
- ~/caliper-benchmarks:/hyperledger/caliper/workspace
networks:
- net_test
networks:
net_test:
external: "true"
This was my network-config.yaml file:
name: Fabric
version: "1.0"
mutual-tls: false
caliper:
blockchain: fabric
#command:
#start: export FABRIC_VERSION=2.1.0;export FABRIC_CA_VERSION=1.4.4;docker-compose -f networks/fabric/naman/docker-compose/2org1peercouchdb_solo_raft/docker-compose-tls.yaml up -d;sleep 3s
#end: docker-compose -f networks/fabric/naman/docker-compose/2org1peercouchdb_solo_raft/docker-compose-tls.yaml down;(test -z \"$(docker ps -aq)\") || docker rm $(docker ps -aq);(test -z \"$(docker images dev* -q)\") || docker rmi $(docker images dev* -q);rm -rf /tmp/hfc-*
info:
Version: 2.1.0
Size: 2 Orgs with 1 Peer
Orderer: Raft
Distribution: Single Host
StateDB: CouchDB
clients:
admin.Org1:
client:
organization: Org1
connection:
timeout:
peer:
endorser: 300
orderer: 300
#credentialStore:
#path: /tmp/hfc-kvs/org1
#cryptoStore:
#path: /tmp/hfc-cvs/org1
#clientPrivateKey:
#path: networks/fabric/naman/peerOrganizations/org1.example.com/users/User1#org1.example.com/msp/keystore/40fa9f923f527b11be8c05bb1a2d166a5c2cc43ee2d425b53cdb82836479206d_sk
#clientSignedCert:
#path: networks/fabric/naman/peerOrganizations/org1.example.com/users/User1#org1.example.com/msp/signcerts/cert.pem
admin.Org2:
client:
organization: Org2
connection:
timeout:
peer:
endorser: 300
orderer: 300
#credentialStore:
#path: /tmp/hfc-kvs/org2
#cryptoStore:
#path: /tmp/hfc-cvs/org2
#clientPrivateKey:
#path: networks/fabric/naman/peerOrganizations/org2.example.com/users/User1#org2.example.com/msp/keystore/cdc22e2ec274bf9d5ec0700b420c5e7423a2be73112f3bdc6565d7d45f9ae643_sk
#clientSignedCert:
#path: networks/fabric/naman/peerOrganizations/org2.example.com/users/User1#org2.example.com/msp/signcerts/cert.pem
User1:
client:
organization: Org1
connection:
timeout:
peer:
endorser: 300
orderer: 300
User2:
client:
organization: Org2
connection:
timeout:
peer:
endorser: 300
orderer: 300
wallet: networks/wallet
channels:
mychannel:
configBinary: networks/mychannel.tx
created: true
#definition:
#capabilities: []
#consortium: 'SampleConsortium'
#msps: ['Org1MSP', 'Org2MSP']
#version: 0
orderers:
- orderer.example.com
peers:
peer0.org1.example.com:
eventSource: true
peer0.org2.example.com:
eventSource: true
#peer1.org1.example.com:
#eventSource: true
#peer1.org2.example.com:
#eventSource: true
chaincodes:
#- id: marbles
# version: v0
#language: node
#path: src/fabric/naman/samples/marbles/node
#metadataPath: src/fabric/naman/samples/marbles/node/metadata
- id: fabcar_1
version: "1.0"
language: node
path: src/fabric/samples/fabcar/javascript1
organizations:
Org1:
mspid: Org1MSP
peers:
- peer0.org1.example.com
certificateAuthorities:
- ca.org1.example.com
adminPrivateKey:
path: networks/fabric/naman/peerOrganizations/org1.example.com/users/Admin#org1.example.com/msp/keystore/5f63f8056561fdd7e62566d62d3f3fddeff12836e3151ec160ef228df008e56b_sk
signedCert:
path: networks/fabric/naman/peerOrganizations/org1.example.com/users/Admin#org1.example.com/msp/signcerts/cert.pem
Org2:
mspid: Org2MSP
peers:
- peer0.org2.example.com
#- peer1.org2.example.com
certificateAuthorities:
- ca.org2.example.com
adminPrivateKey:
path: networks/fabric/naman/peerOrganizations/org2.example.com/users/Admin#org2.example.com/msp/keystore/fc78c38deead140e8164625a839c44966371fcb17608362c2c78a506670bd290_sk
signedCert:
path: networks/fabric/naman/peerOrganizations/org2.example.com/users/Admin#org2.example.com/msp/signcerts/cert.pem
orderers:
orderer.example.com:
url: grpcs://localhost:7050
grpcOptions:
ssl-target-name-override: orderer.example.com
tlsCACerts:
path: networks/fabric/naman/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
peers:
peer0.org1.example.com:
url: grpcs://localhost:7051
tlsCACerts:
pem: |
-----BEGIN CERTIFICATE-----
MIICJjCCAc2gAwIBAgIUOKOEL9yThPFiI22Rj2ehP2/8BpEwCgYIKoZIzj0EAwIw
cDELMAkGA1UEBhMCVVMxFzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMQ8wDQYDVQQH
EwZEdXJoYW0xGTAXBgNVBAoTEG9yZzEuZXhhbXBsZS5jb20xHDAaBgNVBAMTE2Nh
Lm9yZzEuZXhhbXBsZS5jb20wHhcNMjAwNjMwMDcxNjAwWhcNMzUwNjI3MDcxNjAw
WjBwMQswCQYDVQQGEwJVUzEXMBUGA1UECBMOTm9ydGggQ2Fyb2xpbmExDzANBgNV
BAcTBkR1cmhhbTEZMBcGA1UEChMQb3JnMS5leGFtcGxlLmNvbTEcMBoGA1UEAxMT
Y2Eub3JnMS5leGFtcGxlLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABHeO
KBmJfaW5TmEVYDJPFUuibx8O+ju3qhHIXFbCnfjz91WnoIUhQXxtfs2Ajyr2ywWk
N9T15plIKgGBe5YZB6+jRTBDMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAG
AQH/AgEBMB0GA1UdDgQWBBQYlGorkJ3HFJu/uGPNy753+gbMmDAKBggqhkjOPQQD
AgNHADBEAiAe2nP1fUp4UtqMqVEyd9yzMPNbMBjVA3pFtsw5AThu6AIgPF30jUUm
Ey2vOMKY6mmfZalsJIcyp6ysxPfDaMnq09I=
-----END CERTIFICATE-----
grpcOptions:
ssl-target-name-override: peer0.org1.example.com
hostnameOverride: peer0.org1.example.com
peer0.org2.example.com:
url: grpcs://localhost:9051
tlsCACerts:
pem: |
-----BEGIN CERTIFICATE-----
MIICHzCCAcWgAwIBAgIUGyDeO2bl0XWI29+/h+MNiybkdaowCgYIKoZIzj0EAwIw
bDELMAkGA1UEBhMCVUsxEjAQBgNVBAgTCUhhbXBzaGlyZTEQMA4GA1UEBxMHSHVy
c2xleTEZMBcGA1UEChMQb3JnMi5leGFtcGxlLmNvbTEcMBoGA1UEAxMTY2Eub3Jn
Mi5leGFtcGxlLmNvbTAeFw0yMDA2MzAwNzE2MDBaFw0zNTA2MjcwNzE2MDBaMGwx
CzAJBgNVBAYTAlVLMRIwEAYDVQQIEwlIYW1wc2hpcmUxEDAOBgNVBAcTB0h1cnNs
ZXkxGTAXBgNVBAoTEG9yZzIuZXhhbXBsZS5jb20xHDAaBgNVBAMTE2NhLm9yZzIu
ZXhhbXBsZS5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQlkzwJM7JneAQo
VVrvGGJSzhIryum1oXjNEx01rlc0IawgRzMZdeD10kPIFc0xnTyfCwIJCoVNnS/B
cCuU/WvFo0UwQzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBATAd
BgNVHQ4EFgQUG68pu74VjkUe6MxLutjnBKC0VvowCgYIKoZIzj0EAwIDSAAwRQIh
AKH17YHSHWrGSbwHMNt7TtnQo/IpKyr2P10jHKIVgEoKAiBNic1oFFzyO/xV74ju
8Al0TaGFj222ThdzyT3JrZyGqw==
-----END CERTIFICATE-----
grpcOptions:
ssl-target-name-override: peer0.org2.example.com
hostnameOverride: peer0.org2.example.com
certificateAuthorities:
ca.org1.example.com:
url: https://localhost:7054
caName: ca-org1
tlsCACerts:
pem: |
-----BEGIN CERTIFICATE-----
MIICJjCCAc2gAwIBAgIUOKOEL9yThPFiI22Rj2ehP2/8BpEwCgYIKoZIzj0EAwIw
cDELMAkGA1UEBhMCVVMxFzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMQ8wDQYDVQQH
EwZEdXJoYW0xGTAXBgNVBAoTEG9yZzEuZXhhbXBsZS5jb20xHDAaBgNVBAMTE2Nh
Lm9yZzEuZXhhbXBsZS5jb20wHhcNMjAwNjMwMDcxNjAwWhcNMzUwNjI3MDcxNjAw
WjBwMQswCQYDVQQGEwJVUzEXMBUGA1UECBMOTm9ydGggQ2Fyb2xpbmExDzANBgNV
BAcTBkR1cmhhbTEZMBcGA1UEChMQb3JnMS5leGFtcGxlLmNvbTEcMBoGA1UEAxMT
Y2Eub3JnMS5leGFtcGxlLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABHeO
KBmJfaW5TmEVYDJPFUuibx8O+ju3qhHIXFbCnfjz91WnoIUhQXxtfs2Ajyr2ywWk
N9T15plIKgGBe5YZB6+jRTBDMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAG
AQH/AgEBMB0GA1UdDgQWBBQYlGorkJ3HFJu/uGPNy753+gbMmDAKBggqhkjOPQQD
AgNHADBEAiAe2nP1fUp4UtqMqVEyd9yzMPNbMBjVA3pFtsw5AThu6AIgPF30jUUm
Ey2vOMKY6mmfZalsJIcyp6ysxPfDaMnq09I=
-----END CERTIFICATE-----
httpOptions:
verify: false
registrar:
- enrollId: admin
enrollSecret: adminpw
ca.org2.example.com:
url: https://localhost:8054
caName: ca-org2
tlsCACerts:
pem: |
-----BEGIN CERTIFICATE-----
MIICHzCCAcWgAwIBAgIUGyDeO2bl0XWI29+/h+MNiybkdaowCgYIKoZIzj0EAwIw
bDELMAkGA1UEBhMCVUsxEjAQBgNVBAgTCUhhbXBzaGlyZTEQMA4GA1UEBxMHSHVy
c2xleTEZMBcGA1UEChMQb3JnMi5leGFtcGxlLmNvbTEcMBoGA1UEAxMTY2Eub3Jn
Mi5leGFtcGxlLmNvbTAeFw0yMDA2MzAwNzE2MDBaFw0zNTA2MjcwNzE2MDBaMGwx
CzAJBgNVBAYTAlVLMRIwEAYDVQQIEwlIYW1wc2hpcmUxEDAOBgNVBAcTB0h1cnNs
ZXkxGTAXBgNVBAoTEG9yZzIuZXhhbXBsZS5jb20xHDAaBgNVBAMTE2NhLm9yZzIu
ZXhhbXBsZS5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQlkzwJM7JneAQo
VVrvGGJSzhIryum1oXjNEx01rlc0IawgRzMZdeD10kPIFc0xnTyfCwIJCoVNnS/B
cCuU/WvFo0UwQzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBATAd
BgNVHQ4EFgQUG68pu74VjkUe6MxLutjnBKC0VvowCgYIKoZIzj0EAwIDSAAwRQIh
AKH17YHSHWrGSbwHMNt7TtnQo/IpKyr2P10jHKIVgEoKAiBNic1oFFzyO/xV74ju
8Al0TaGFj222ThdzyT3JrZyGqw==
-----END CERTIFICATE-----
httpOptions:
verify: false
registrar:
- enrollId: admin
enrollSecret: adminpw
This is the benchmark-config file used:
---
test:
workers:
type: local
number: 1
rounds:
- label: Query all cars.
txDuration: 30
rateControl:
type: fixed-backlog
opts:
unfinished_per_client: 5
arguments:
assets: 10
startKey: '1'
endKey: '50'
callback: benchmarks/samples/fabric/fabcar/queryAllCars.js
- label: Query a car.
txDuration: 30
rateControl:
type: fixed-backlog
opts:
unfinished_per_client: 5
arguments:
assets: 10
callback: benchmarks/samples/fabric/fabcar/queryCar.js
- label: Create a car.
txDuration: 30
rateControl:
type: fixed-backlog
opts:
unfinished_per_client: 5
callback: benchmarks/samples/fabric/fabcar/createCar.js
monitor:
type:
- docker
docker:
name:
- all
interval: 1
This is the error I was getting:
aliper | 2020-06-26T14:15:31.749Z - error: [FabricCAClientService.js]: Failed to enroll admin, error:%o message=Calling enrollment endpoint failed with error [Error: connect ECONNREFUSED 127.0.0.1:7054], stack=Error: Calling enrollment endpoint failed with error [Error: connect ECONNREFUSED 127.0.0.1:7054]
caliper | at ClientRequest.request.on (/home/node/.npm-global/lib/node_modules/fabric-ca-client/lib/FabricCAClient.js:484:12)
caliper | at ClientRequest.emit (events.js:198:13)
caliper | at TLSSocket.socketErrorListener (_http_client.js:392:9)
caliper | at TLSSocket.emit (events.js:198:13)
caliper | at emitErrorNT (internal/streams/destroy.js:91:8)
caliper | at emitErrorAndCloseNT (internal/streams/destroy.js:59:3)
caliper | at process._tickCallback (internal/process/next_tick.js:63:19)
I was using fabric 2.1.0 and caliper 0.3.2. I specified net-test in docker-compose to make sure caliper container is in the same network as fabric.
Can someone please help?

Hyperledger fabric Failed to submit transaction: Error: No endorsement plan available for {"chaincodes":[{"name":"fabcar"}]}

I am using the hyperledger fabric network using the basic network from fabric sample. Basic network consist of one orderer and one peer. I have install the fab car chain code in network and join the channel.Please suggest me how to add Endorsement policy to chaincode, Below are command i used to initiate the chain code
1. peer chaincode install -n fabcar -p github.com/ -v 1.1
2. peer chaincode instantiate -o orderer.example.com:7050 -C mychannel -c '{"Args":[]}' -n fabcar -v 1.1 -P "OR('Org1MSP.peer','Org1MSP.admin','Org1MSP.member')"
I am using the fabric sdk for query the fabcar it works well. But if i try to invoke chaincode its give me error stating
Failed to submit transaction: Error: No endorsement plan available for {"chaincodes":[{"name":"fabcar"}]}
config Tx
Organizations:
# SampleOrg defines an MSP using the sampleconfig. It should never be used
# in production but may be used as a template for other definitions
- &OrdererOrg
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: OrdererOrg
# ID to load the MSP definition as
ID: OrdererMSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/ordererOrganizations/example.com/msp
- &Org1
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org1MSP
# ID to load the MSP definition as
ID: Org1MSP
MSPDir: crypto-config/peerOrganizations/org1.example.com/msp
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org1.example.com
Port: 7051
Application: &ApplicationDefaults
# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start
# Available types are "solo" and "kafka"
OrdererType: solo
Addresses:
- orderer.example.com:7050
# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block
BatchSize:
# Max Message Count: The maximum number of messages to permit in a batch
MaxMessageCount: 10
# Absolute Max Bytes: The absolute maximum number of bytes allowed for
# the serialized messages in a batch.
AbsoluteMaxBytes: 99 MB
# Preferred Max Bytes: The preferred maximum number of bytes allowed for
# the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.
PreferredMaxBytes: 512 KB
Kafka:
# Brokers: A list of Kafka brokers to which the orderer connects
# NOTE: Use IP:port notation
Brokers:
- 127.0.0.1:9092
# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:
Profiles:
OneOrgOrdererGenesis:
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *Org1
OneOrgChannel:
Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *Org1
crypto-config
OrdererOrgs:
# ---------------------------------------------------------------------------
# Orderer
# ---------------------------------------------------------------------------
- Name: Orderer
Domain: example.com
# ---------------------------------------------------------------------------
# "Specs" - See PeerOrgs below for complete description
# ---------------------------------------------------------------------------
Specs:
- Hostname: orderer
PeerOrgs:
# ---------------------------------------------------------------------------
# Org1
# ---------------------------------------------------------------------------
- Name: Org1
Domain: org1.example.com
Template:
Count: 1
Users:
Count: 1
Invoke function
async function Invoke(userwallet,usename,channelName,chaincodeName) {
try {
// Create a new file system based wallet for managing identities.
const walletPath = path.join(process.cwd(), 'wallet');
const wallet = new FileSystemWallet(walletPath);
console.log(`Wallet path: ${walletPath}`);
// Check to see if we've already enrolled the user.
const userExists = await wallet.exists(userwallet);
if (!userExists) {
console.log('An identity for the user "user1" does not exist in the wallet');
console.log('Run the registerUser.js application before retrying');
return;
}
// Create a new gateway for connecting to our peer node.
const gateway = new Gateway();
await gateway.connect(ccp, { wallet, identity: usename, discovery: { enabled: true, asLocalhost: true} });
// Get the network (channel) our contract is deployed to.
const network = await gateway.getNetwork(channelName);
// Get the contract from the network.
const contract = network.getContract(chaincodeName);
// Submit the specified transaction.
// createCar transaction - requires 5 argument, ex: ('createCar', 'CAR12', 'Honda', 'Accord', 'Black', 'Tom')
// changeCarOwner transaction - requires 2 args , ex: ('changeCarOwner', 'CAR10', 'Dave')
await contract.submitTransaction('createCar','CAR12', 'Honda', 'Accord', 'Black', 'Tom');
//await contract.submitTransaction('changeCarOwner', 'CAR10', 'Dave');
console.log('Transaction has been submitted');
// Disconnect from the gateway.
await gateway.disconnect();
} catch (error) {
console.error(`Failed to submit transaction: ${error}`);
process.exit(1);
}
}
module.exports.Invoke = Invoke

It is weird, Let's do some trial and error
Try to make changes in the below snippet. This removes the policy do not worry a default policy will be applicable
peer chaincode instantiate -o orderer.example.com:7050 -C mychannel -c '{"Args":[]}' -n fabcar -v 1.1

peer endorsement policy not working hyperledger fabric

I am trying to enforce simple endorsement policy for 2 org network. Here is my crypto-config.yaml
OrdererOrgs:
- Name: Orderer
Domain: example.com
Specs:
- Hostname: orderer
PeerOrgs:
- Name: Org1
Domain: org1.example.com
EnableNodeOUs: true
# CA:
# OrganizationalUnit: peer
Template:
Count: 1
Users:
Count: 1
- Name: Org2
Domain: org2.example.com
EnableNodeOUs: true
# CA:
# OrganizationalUnit: peer
Template:
Count: 1
Users:
Count: 1
And i can see OU as peer in both peers.
peer0.org2.example.com
Identity: peer0.org2.example.com
Verified by: ca.org2.example.com
Expires: Saturday 23 December 2028
Subject Name
C (Country): US
ST (State): California
L (Locality): San Francisco
OU (Organizational Unit): peer
CN (Common Name): peer0.org2.example.com
endorsement policy for member check works
peer chaincode instantiate -o orderer.example.com:7050 -C mychannel -n chaincode -l node -v v0 -c '{"args":["init"]}' -P "AND('Org1MSP.member', 'Org2MSP.member')"
but endorsement policy for peer check not working
peer chaincode instantiate -o orderer.example.com:7050 -C mychannel -n chaincode -l node -v v0 -c '{"args":["init"]}' -P "AND('Org1MSP.peer', 'Org2MSP.peer')"
When i invoke any function.
Transaction failed to be committed to the ledger due to ::ENDORSEMENT_POLICY_FAILURE
even "OR('Org1MSP.peer', 'Org2MSP.peer')" not working

PeerOrgs:
- Name: Org1
Domain: org1.example.com
EnableNodeOUs: true
# CA:
# OrganizationalUnit: peer
Template:
Count: 1
Users:
Count: 1
......... TEMPLATE COUNT s/b changed to 2 as there are now 2 Orgs