Hyperledger Fabric中使用的外部x509证书签名和密钥算法的要求

时间:2020-10-16 16:49:13

标签: rsa hyperledger-fabric x509 ecdsa

我们正在尝试使用组织提供的证书(即不是由cryptogenfabric-ca-server生成的证书来建立测试网络)。 通过将所有提到的证书和密钥放在相应的文件夹中,我为peer0重新创建了MSP。 peer0启动时,遇到以下错误:

2020-10-16 14:33:34.269 UTC [bccsp] GetDefault -> DEBU 001 Before using BCCSP, please call InitFactories(). Falling back to bootBCCSP.
2020-10-16 14:33:34.314 UTC [bccsp] GetDefault -> DEBU 002 Before using BCCSP, please call InitFactories(). Falling back to bootBCCSP.
2020-10-16 14:33:34.325 UTC [bccsp_sw] openKeyStore -> DEBU 003 KeyStore opened at [/etc/hyperledger/fabric/msp/keystore]...done
2020-10-16 14:33:34.325 UTC [msp] getPemMaterialFromDir -> DEBU 004 Reading directory /etc/hyperledger/fabric/msp/signcerts
2020-10-16 14:33:34.326 UTC [msp] getPemMaterialFromDir -> DEBU 005 Inspecting file /etc/hyperledger/fabric/msp/signcerts/peer0.supplier.dlt.ericsson.com.cer
2020-10-16 14:33:34.326 UTC [msp] getPemMaterialFromDir -> DEBU 006 Reading directory /etc/hyperledger/fabric/msp/cacerts
2020-10-16 14:33:34.326 UTC [msp] getPemMaterialFromDir -> DEBU 007 Inspecting file /etc/hyperledger/fabric/msp/cacerts/root-ca.pem
2020-10-16 14:33:34.326 UTC [msp] getPemMaterialFromDir -> DEBU 008 Reading directory /etc/hyperledger/fabric/msp/admincerts
2020-10-16 14:33:34.326 UTC [msp] getPemMaterialFromDir -> DEBU 009 Reading directory /etc/hyperledger/fabric/msp/intermediatecerts
2020-10-16 14:33:34.326 UTC [msp] getPemMaterialFromDir -> DEBU 00a Inspecting file /etc/hyperledger/fabric/msp/intermediatecerts/intermediate-issuing-ca.pem
2020-10-16 14:33:34.326 UTC [msp] getPemMaterialFromDir -> DEBU 00b Reading directory /etc/hyperledger/fabric/msp/tlscacerts
2020-10-16 14:33:34.326 UTC [msp] getMspConfig -> DEBU 00c TLS CA certs folder at [/etc/hyperledger/fabric/msp/tlsintermediatecerts] is empty. Skipping.
2020-10-16 14:33:34.326 UTC [msp] getPemMaterialFromDir -> DEBU 00d Reading directory /etc/hyperledger/fabric/msp/crls
2020-10-16 14:33:34.326 UTC [msp] getMspConfig -> DEBU 00e crls folder not found at [/etc/hyperledger/fabric/msp/crls]. Skipping. [stat /etc/hyperledger/fabric/msp/crls: no such file or directory]
2020-10-16 14:33:34.326 UTC [msp] getMspConfig -> DEBU 00f Loading NodeOUs
2020-10-16 14:33:34.326 UTC [msp] newBccspMsp -> DEBU 010 Creating BCCSP-based MSP instance
2020-10-16 14:33:34.326 UTC [msp] New -> DEBU 011 Creating Cache-MSP instance
2020-10-16 14:33:34.326 UTC [msp] loadLocalMSP -> DEBU 012 Created new local MSP
2020-10-16 14:33:34.327 UTC [msp] Setup -> DEBU 013 Setting up MSP instance Org1MSP
2020-10-16 14:33:34.329 UTC [main] InitCmd -> ERRO 014 Cannot run peer because error when setting up MSP of type bccsp from directory /etc/hyperledger/fabric/msp: Failed importing key with opts [&{true}]: Certificate's public key type not recognized. Supported keys: [ECDSA]



Signature Algorithm: sha256WithRSAEncryption

Subject Public Key Info: Public Key Algorithm: id-ecPublicKey

1 个答案:

答案 0 :(得分:1)

在Hyperledger Fabric中,仅支持使用算法ECDSA生成的证书和签名。您可以在以下link of Hyperledger Fabric CA上找到有关此信息的更多信息。