开始设置
FABRIC_CA_SERVER_CA_KEYFILE=/etc/hyperledger/fabric-ca-server-config/*_sk
想着偷懒了,结果启动失败了。
查看docker日志
2018/12/04 08:34:51 [INFO] Created default configuration file at /etc/hyperledger/fabric-ca-server/fabric-ca-server-config.yaml
2018/12/04 08:34:51 [INFO] Starting server in home directory: /etc/hyperledger/fabric-ca-server
2018/12/04 08:34:51 [INFO] Server Version: 1.1.0
2018/12/04 08:34:51 [INFO] Server Levels: &{Identity:1 Affiliation:1 Certificate:1}
2018/12/04 08:34:51 [DEBUG] Making server filenames absolute
2018/12/04 08:34:51 [DEBUG] Initializing default CA in directory /etc/hyperledger/fabric-ca-server
2018/12/04 08:34:51 [DEBUG] Init CA with home /etc/hyperledger/fabric-ca-server and config {Version:1.1.0 Cfg:{Identities:{AllowRemove:false} Affiliations:{AllowRemove:false}} CA:{Name:ca_peerOrg1 Keyfile:/etc/hyperledger/fabric-ca-server-config/*_sk Certfile:/etc/hyperledger/fabric-ca-server-config/ca.org1.domain-cert.pem Chainfile:ca-chain.pem} Signing:0xc420331fe0 CSR:{CN:fabric-ca-server Names:[{C:US ST:North Carolina L: O:Hyperledger OU:Fabric SerialNumber:}] Hosts:[ecba2fffd2a0 localhost] KeyRequest:<nil> CA:0xc4202c7cc0 SerialNumber:} Registry:{MaxEnrollments:-1 Identities:[{ Name:**** Pass:**** Type:client Affiliation: MaxEnrollments:0 Attrs:map[hf.Registrar.Roles:peer,orderer,client,user hf.Registrar.DelegateRoles:peer,orderer,client,user hf.Revoker:1 hf.IntermediateCA:1 hf.GenCRL:1 hf.Registrar.Attributes:* hf.AffiliationMgr:1] }]} Affiliations:map[org2:[department1] org1:[department1 department2]] LDAP:{ Enabled:false URL:ldap://****:****@<host>:<port>/<base> UserFilter:(uid=%s) GroupFilter:(memberUid=%s) Attribute:{[uid member] [{ }] map[groups:[{ }]]} TLS:{false [] { }} } DB:{ Type:sqlite3 Datasource:fabric-ca-server.db TLS:{false [] { }} } CSP:0xc420332570 Client:<nil> Intermediate:{ParentServer:{ URL: CAName: } TLS:{Enabled:false CertFiles:[] Client:{KeyFile: CertFile:}} Enrollment:{ Name: Secret:**** Profile: Label: CSR:<nil> CAName: AttrReqs:[] }} CRL:{Expiry:24h0m0s}}
2018/12/04 08:34:51 [DEBUG] CA Home Directory: /etc/hyperledger/fabric-ca-server
2018/12/04 08:34:51 [DEBUG] Checking configuration file version '1.1.0' against server version: '1.1.0'
2018/12/04 08:34:51 [DEBUG] Initializing BCCSP: &{ProviderName:SW SwOpts:0xc4203325d0 PluginOpts:<nil> Pkcs11Opts:<nil>}
2018/12/04 08:34:51 [DEBUG] Initializing BCCSP with software options &{SecLevel:256 HashFamily:SHA2 Ephemeral:false FileKeystore:0xc420341c60 DummyKeystore:<nil>}
2018/12/04 08:34:51 [DEBUG] Initialize key material
2018/12/04 08:34:51 [DEBUG] Making CA filenames absolute
2018/12/04 08:34:51 [DEBUG] Closing server DBs
Error: Failed to find private key for certificate in '/etc/hyperledger/fabric-ca-server-config/ca.org1.domain-cert.pem': Could not find matching private key for SKI: Failed getting key for SKI [[19 52 108 167 159 179 62 120 196 109 82 224 83 77 50 118 187 251 162 68 154 149 26 61 132 167 202 68 191 46 67 205]]: Key with SKI 13346ca79fb33e78c46d52e0534d3276bbfba2449a951a3d84a7ca44bf2e43cd not found in /etc/hyperledger/fabric-ca-server/msp/keystore
后来在程序开始之前sleep进去查看,映射没问题,手动启动还是失败
原启动命令:fabric-ca-server start -b admin:adminpw -d
换个启动命令:fabric-ca-server start --ca.certfile /etc/hyperledger/fabric-ca-server-config/ca.org1.example.com-cert.pem --ca.keyfile /etc/hyperledger/fabric-ca-server-config/ab2e8cc5908032f0d83556e5e4a6146218f313884fb42fbdb446a4b5b3d32baf_sk -b admin:adminpw -d
第二条可以成功,成功之后,第一条也行了,看来不能用*匹配
老老实实填充吧,或者直接把目录映射倒msp/keystore,或者第二条命令,但是第二天也要获取sk
启动配置>环境变量>配置文件>默认