I built a Fabric network with multiple orgs and tls enabled. Crypto material was built with cryptogen. I do not intend to use fabric-ca in my example.
I installed and instantiated fabcar through CLI. Invoke and Query with CLI commands work as charm.
Now, for the purpose of using nodejs scripts query.js and invoke.js I concatenated a private and public key in order to create PeerAdmin credential for Fabcar. I also altered a configuration in .js files to aim at peers and orderers with grpcs.
Whenever I execute any .js script, I am constantly getting the following error:
Create a client and set the wallet location
Set wallet path, and associate user PeerAdmin with application
Check user is enrolled, and set a query URL in the network
Caught Error Error: PEM encoded certificate is required.
at new Endpoint (/home/hl/fabcar/node_modules/fabric-client/lib/Remote.js:146:11)
at new Remote (/home/hl/fabcar/node_modules/fabric-client/lib/Remote.js:95:20)
at new Peer (/home/hl/fabcar/node_modules/fabric-client/lib/Peer.js:53:3)
at Client.newPeer (/home/hl/fabcar/node_modules/fabric-client/lib/Client.js:173:14)
at Promise.resolve.then.then.then (/home/hl/fabcar/query.js:39:28)
at <anonymous>
When I try to query the chaincode without grpcs I receive the following error:
Create a client and set the wallet location
Set wallet path, and associate user PeerAdmin with application
Check user is enrolled, and set a query URL in the network
Make query
Assigning transaction_id: 9cbf355cda03db2b1971fe10af27d66686ea9b913eda80f667cac48bada015bf
error: [client-utils.js]: sendPeersProposal - Promise is rejected: Error: Endpoint read failed
at /home/hl/fabcar/node_modules/grpc/src/client.js:554:15
returned from query
Query result count = 1
error from query = { Error: Endpoint read failed
at /home/hl/fabcar/node_modules/grpc/src/client.js:554:15 code: 14, metadata: Metadata { _internal_repr: {} } }
Response is Error: Endpoint read failed
PeerAdmin content:
{"name":"PeerAdmin","mspid":"PeerOrgMSP","roles":null,"affiliation":"","enrollmentSecret":"","enrollment":{"signingIdentity":"[...]","identity":{"certificate":"-----BEGIN CERTIFICATE-----\n[...]-----END CERTIFICATE-----\n"}}}
Any help in pointing me to a right procedure or troubleshooting with the above would be greatly appreciated.
I understand that you are going to do a fabcar without a Fabric CA.
If so, you can't use the Node.js application because it is using user context and you didn't enroll user context.
But you want to use fabcar without CA, you can invoke or query transaction as cli.
connect to cli container, if you use fabcar, cli-container-name is 'cli' so
docker exec -it cli bash
In cli container, you can invoke or query transaction. as the example below
peer chaincode query -C mychannel -n fabcar -c '{"Args":["queryAllCars",""]}'
peer chaincode query -C mychannel -n fabcar -c '{"Args":["queryCar","CAR4"]}'
invoking transaction is same
When you enable gRPCs you must pass the pem as a parameter in the instantiation of the various Hyperledger element objects (e.g. peer, orderer). In the case of the fabcar example (invoke.js):
// This is a new line
var options = {
tls_cert: {
pem: fs.readFileSync(path.join(__dirname, './network/tls') + '/peer.cert').toString(),
}
};
...
// Replace the original instantiation by adding the pem option
var peer = fabric_client.newPeer('grpcs://fft-zbc03a.4.secure.blockchain.ibm.com:26268', {
pem: options.tls_cert.pem
});
channel.addPeer(peer);
// Replace the original instantiation by adding the pem option
var order = fabric_client.newOrderer('grpcs://fft-zbc03b.4.secure.blockchain.ibm.com:20161', {
pem: options.tls_cert.pem
})
...
// Replace the original instantiation by adding the pem option
event_hub.setPeerAddr('grpcs://fft-zbc03a.4.secure.blockchain.ibm.com:23972', {
pem: options.tls_cert.pem
});
The code above assumes that you downloaded the right certificates to network/tls/. These certificates can be downloaded by sending requests to the CA. For a full example refer to the Bluemix documentation here.
Related
I'm currently trying to get the example for hyperledger fabric working. I get as far as starting the chaincode successfully using the deployCC script, and get the expected printout of all the cars after running the script. However, when I get to the next step of manually querying the network, I run into issue. I've run the exports for org1 as specified, and verified that the paths match and the tls cert and mspconfig exist in those locations. However, when I try to run the query command:
peer chaincode query -C mychannel -n fabcar -c '{"Args":["queryAllCars"]}'
I get the following error printout:
Error: error getting endorser client for query: endorser client failed to connect to 0.0.0.0:7051: failed to create new connection: context deadline exceeded
I would expect to get the same printout as at the end of the deployCC script, and I can't figure out why that isn't happening. Any help in diagnosing this is appreciated!
If it matters, I'm running this in a VM with Ubuntu 20.04. All the prerequisites are fresh installations of the latest versions from the last couple of days.
Liam, if you are able to see all the cars at the end of deployCC, then it might be an environment variables issue. Remember that you have to execute the peer chaincode query -C mychannel -n fabcar -c '{"Args":["queryAllCars"]}' command in the same terminal where you ran deployCC because the environment variables are all set in that window.
We can do a couple of things to confirm:
Paste the output from DeployCC at the end, right after (and including)
Querying chaincode on peer0.org1...
Using organization
Print the following environment variables from the terminal window where you are executing deployCC and from the terminal window where you are executing the peer chaincode query -C mychannel -n fabcar -c '{"Args":["queryAllCars"]}' command
CORE_PEER_LOCALMSPID,
CORE_PEER_TLS_ROOTCERT_FILE,
CORE_PEER_MSPCONFIGPATH,
CORE_PEER_ADDRESS.
See if they match?
I'm trying to run the Hyperledger Fabric network, which consists of a single orderer, a single peer, and a cli. To learn the procedure of launching Hyperledger Fabric network, from creating crypto-related artifacts to running cli as a docker container, I execute them one by one.
Everything is okay, but when I try to instantiate the installed chaincode, the peer produces channel [reputationch]: MSP error: channel doesn't exist (reputationch is my channel name) and the instantiation has been failed.
(Check the below screenshot)
I'm not sure that this warning on the peer node causes the failure of the instantiation of chaincode, but I guess it is the reason.
My crypto-config.yaml and configtx.yaml are like below. They are nothing special because I just modified some names based on the official example.
crytp-config.yaml and configtx.yaml
And the script to create crypto-related artifacts based on the above yaml files is:
script to create crypto-related artifacts
My running scripts to launch an orderer, a peer, and a cli are like below. It calls docker commands.
running scripts to launch an orderer, a peer, and a cli
After I launch a cli, I connect the cli using docker exec -it cli bash. Then, I run three commands, which work well without an error or a warning:
peer channel create -o orderer.operator.com:7050 -c reputationch -f ./channel-artifacts/reputation-channel.tx
peer channel update -o orderer.operator.com:7050 -c reputationch -f ./channel-artifacts/Company1anchors.tx
peer chaincode install -n mycc -v 1.0 -p github.com/hyperledger/fabric/examples/chaincode/go/
Then, the following command is failed.
peer chaincode instantiate -o orderer.operator.com:7050 -C reputationch -n mycc -v 1.0 -c '{"Args":["init","a", "100", "b","200"]}' -P "OR ('Company1MSP.peer')"
My version information is:
macOS: macOS High Sierra 10.13.3
Go: 1.10
Docker: Version 18.03.0-ce-mac59 (23608)
Hyperledger Fabric: 1.1
cryptogen: 1.1.0
configtxgen: 1.1.0
Any kind of comment or help will be very great for me. Thanks.
Basically you also need your peers to join your channels. Which it seems like you are not doing here. If your peers do not join any channel, you will be getting this error. Make sure that your peers join channel before installing chaincode.
peer channel join -b $CHANNEL_NAME.block
I tried two different tutorials:
This one to deploy docker images locally:
https://github.com/hyperledger/fabric-samples
I tried the fabcar sample. Everything works fine. I'm able to enroll the admin, register a user and invoke transactions using this user identity. Nice.
The second one to deploy a fabric composer playground on bluemix:
https://ibm-blockchain.github.io/setup/
I was able to get into the composer playground and deploy business network examples. I'm also able to upload and deploy my own business networks I designed locally with composer-cli. I exposed the network over a Rest Server with admin rights in order to test the transactions. All works fine.
Now it comes to my problem. I want to combine both examples (just for fun, learning by doing:)). I want to deploy the fabcar samples network to the kubernetes environment on bluemix and interact with the network using the fabric node sdk like in example 1. So I made following changes in the scripts/yaml files of example 2:
adapt the chaincode installation procedure
in the create_all.sh. line 41 (for peer 1) and line 45 (for peer 2). I changed the values of the env variables CHAINCODE_NAME and CHAINCODE_VERSION
echo "=> CREATE_ALL: Running Install Chaincode on Org1 Peer1" CHAINCODE_NAME="fabcar" CHAINCODE_VERSION="1.0" MSP_CONFIGPATH="/shared/crypto-config/peerOrganizations/org1.example.com/users/Admin#org1.example.com/msp" PEER_MSPID="Org1MSP" PEER_ADDRESS="blockchain-org1peer1:30110" create/chaincode_install.sh
in the chaincode_install.yaml.base line 16, I changed the path of the chaincode. I forked the https://github.com/hyperledger/fabric and added the fabcar.go chaincode from example 1 to the new repository https://github.com/bigbelette/fabric
command: ["sh", "-c", "git clone https://github.com/bigbelette/fabric $GOPATH/src/github.com/bigbelette/fabric/ && peer chaincode install -n ${CHAINCODE_NAME} -v ${CHAINCODE_VERSION} -p github.com/bigbelette/fabric/examples/chaincode/go/fabcar/"]
adapt the chaincode instantiation procedure:
in the create_all.sh. line 49. I changed the values of the env variables CHAINCODE_NAME and CHAINCODE_VERSION:
CHANNEL_NAME="channel1" CHAINCODE_NAME="fabcar" CHAINCODE_VERSION="1.0" MSP_CONFIGPATH="/shared/crypto-config/peerOrganizations/org1.example.com/users/Admin#org1.example.com/msp" PEER_MSPID="Org1MSP" PEER_ADDRESS="blockchain-org1peer1:30110" create/chaincode_instantiate.sh
In the chaincode_instantiate.yaml.base, I made the parameter list empty:
command: ["sh", "-c", "peer chaincode instantiate -o blockchain-orderer:31010 -C ${CHANNEL_NAME} -n ${CHAINCODE_NAME} -v ${CHAINCODE_VERSION} -c '{\"Args\":[\"\"]}'"]
The deployment on the cluster works without an error. In the fabcar examples node js file enrollAdmin, regiserUser, query and invoke, I changed the channel name (from mychannel to channel1) and the IPs and ports to match to the online kubernetes services:
enrollAdmin.js and registerUser.js work fine so I can get the certificates and store it in the key store. But when I try to invoke a transaction, i get the following error:
It seems the CA which gave me the certificates is not recognized by the peers. But there is only one CA in my network!? Or is it a problem in the MSP definition (something I still dont understand well).
Thanks for your help.
I finally found the error.
My network has 1 CA (the root CA, named ca) and 2 "sub" CAs (ca1 und ca2). I was enrolling admin and user directly by the root CA because I didnt mention the name of the ca in the parameters of the Fabric_CA_Client class:
fabric_ca_client = new Fabric_CA_Client('http://184.173.5.108:30054', tlsOption, crypto_suite)
Without the name, the used CA will be the default CA (Root CA in my case). But the signature of user certificates by the root CA wont be recognized by the peers. Only the signatures from the last hierarchical CA levels will be accepted. So the solution was to refer the name of the CA:
fabric_ca_client = new Fabric_CA_Client('http://184.173.5.108:30054', tlsOptions , 'CA1', crypto_suite)
It works. Now the user can invoke transactions.
I am trying to access the remote peer from SDK using Hyperledger Fabric using following code
var peer = new Peer('Remote path', PemFile name)
it is giving me error that
Error: PEM encoded certificate is required.
I have tried reading file, using string every thing. Please advise me what I am doing wrong here
This is sorted.
It should be like this
var peer = newPeer('Remote Path', {
pem: 'PEM file name' })
To add a new peer in Hyperledger Fabric I am using following command
peer = client.newPeer('grpcs://localhost:7051')
getting following error
PEM encoded certificate is required
Please help!
You can find PEM certificate in first-network folder and in connection-org1/org2.json.
Just start your network and after starting it copy the PEM certi.