[client-utils.js]: sendPeersProposal - Promise is rejected: Error:
Failed to deserialize creator identity, err The supplied identity is
not valid, Verify() returned x509: certificate signed by unknown
authority (possibly because of "x509: ECDSA verification failure"
while trying to verify candidate authority certificate
"ca.org1.example.com")
This is clearly related to wrong certificates. Cross check the certificates, if possible generate certificates for CA again using cryptogen and accordingly place the certificates in peers.
Related
I'm trying to create a channel for my hyperledger fabric network but I've been stuck for over two weeks with this error :
[policies] SignatureSetToValidIdentities -> WARN 00d invalid identity: certificate subject=CN=Admin#productionlaborg.supplychain.com,OU=admin,L=San Francisco,ST=California,C=US serialnumber=332150209750411695579251324251304242011 error="the supplied identity is not valid: x509: certificate signed by unknown authority (possibly because of "x509: ECDSA verification failure" while trying to verify candidate authority certificate "ca.productionlaborg.supplychain.com")"
know that I export the correct path of the "MSP folder" of the admin "Admin#productionlaborg" how created the channel.
Please I need Help
Is it possible to create a hyperledger fabric channel or no?
i am asking this because i have been stuck for more than two weeks with this error:
Error: got unexpected status: FORBIDDEN -- config update for existing channel did not pass initial checks: implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Writers' sub-policies to be satisfied: permission denied"
know that I use the correct path of the "MSP folder" of the admin "Admin#productionlaborg" how created the channel, but I get also in the logs of orderer docker container this error:
Invalid identity: certificate subject=CN=Admin#productionlaborg.supplychain.com,OU=admin,L=San Francisco,ST=California,C=US serialnumber=209542001001378907007459857235386288226 error="the supplied identity is not valid: x509: certificate signed by unknown authority (possibly because of "x509: ECDSA verification failure" while trying to verify candidate authority certificate "ca.productionlaborg.supplychain.com")"
PLEASE I NEED HELP
In the Hyperledger Fabric official website, it states to use the fabric-ca-client reenroll if a certificate is about to expire. I tried to reenoll the certificates but an x.509 error occurred:
[grpc] createTransport -> DEBU bab grpc: addrConn.createTransport failed to connect to {orderer:7050 0 }. Err :connection error: desc = "transport: authentication handshake failed: x509: certificate signed by unknown authority". Reconnecting...
I have used the same CA to reenroll the certificate, I don't know why "unknown authority" error shown.
It would be grateful if anyone can give me a full steps for replacing the admin certificate for the Hyperledger Fabric.
You can use akc-dcm-cli. It support renew user of Hyperledger Fabric by running command:
dcm certificate renew --parent-cert=../data/intermediate-ca/signcerts/ica-cert.pem
--parent-private-key=../data/intermediate-ca/keystore/ica-key.pem
--old-cert=../data/peer/output/peer-cert.pem
--old-private-key=../data/peer/keystore/peer-key.pem
--output=../data/peer/output/renew-peer-cert.pem
--days=365
parent-cert and parent-private-key are key-pair of CA
old-cert and old-private-key are key-pair of expired user
output is the path of new cert
After renewing the cert, you replace the expired cert of the user with the new cert. Keep current private key of user' cert
I am trying to provide node SDK's for my existing blockchain application(modified balance transfer). i started my node server and while query or invoke the transaction using the restclient/postman, i am facing error as mentioned below in the node server terminal,
error: [client-utils.js]: sendPeersProposal - Promise is rejected:
Error: 2 UNKNOWN: Failed to deserialize creator identity, err The
supplied identity is not valid, Verify() returned x509: certificate
signed by unknown authority at new createStatusError
(/scratch/node_SDK/fabric-test/nodejs/node_modules/grpc/src/client.js:64:15)
at
/scratch/node_SDK/fabric-test/nodejs/node_modules/grpc/src/client.js:584:15
Can anybody please help me on this?
I'm using ubuntu 16.04. When i tried to customize the network configuration according my needs, i'm facing that error:
2018-03-20 22:54:33.547 UTC [cauthdsl] deduplicate -> ERRO 52c33 Principal deserialization failure (the supplied identity is not valid: x509: certificate signed by unknown authority (possibly because of "x509: ECDSA verification failure" while trying to verify candidate authority certificate "ca.blockchain-clone.iba"))
here is configtx.yaml content and cryptoconfig.yaml is here
What should i do to fix it?