我有一个HLF网络,其中有两个组织(每个组织一个对等体)和三个订购节点,订购类型为木筏。对于第一个组织加入和同行,更新工作没有任何问题,但是对于第二个组织,我在同行更新中遇到了一些麻烦
这是我用于对等更新的命令
peer channel update \
-o orderer1.base.order:7050 \
-c basechannel \
-f ./channel-artifacts/BaseRightOrg.tx \
--tls \
--cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/base.order/orderers/orderer1.base.order/msp/tlscacerts/tlsca.base.order-cert.pem
我得到的错误是
错误:出现意外状态:BAD_REQUEST-应用配置错误更新到现有频道“ basechannel”:授权更新时出错:验证DeltaSet时出错:[组]的策略/ Channel / Application / RightOrgMSP不满足:签名集不正确符合政策
这里是上述组织的configtx
部分
- &Org2
Name: RightOrgMSP
ID: RightOrgMSP
MSPDir: crypto-config/peerOrganizations/base.right/msp
Policies:
Readers:
Type: Signature
Rule: "OR('RightOrgMSP.admin', 'RightOrgMSP.peer', 'RightOrgMSP.client','RightOrgMSP.member')"
Writers:
Type: Signature
Rule: "OR('RightOrgMSP.admin','RightOrgMSP.peer', 'RightOrgMSP.client','RightOrgMSP.member')"
Admins:
Type: Signature
Rule: "OR('LeftOrgMSP.admin','RightOrgMSP.peer')"
Endorsement:
Type: Signature
Rule: "OR('RightOrgMSP.peer')"
AnchorPeers:
- Host: peer1.base.right
Port: 9051
cafile
/ opt / gopath / src / github.com / hyperledger / fabric / peer / crypto / ordererOrganizations / base.order / orderers / orderer1.base.order / msp / tlscacerts / tlsca.base.order-cert.pem
在上面的行中更改证书的位置和密钥。
在组织下的configtx中,您只能为该组织指定管理员,不能同时为两者指定。
&Org2
Name: RightOrgMSP
ID: RightOrgMSP
MSPDir: crypto-config/peerOrganizations/base.right/msp
Policies:
Readers:
Type: Signature
Rule: "OR('RightOrgMSP.admin', 'RightOrgMSP.peer', 'RightOrgMSP.client','RightOrgMSP.member')"
Writers:
Type: Signature
Rule: "OR('RightOrgMSP.admin','RightOrgMSP.peer', 'RightOrgMSP.client','RightOrgMSP.member')"
Admins:
Type: Signature
Rule: "OR('RightOrgMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('RightOrgMSP.peer')"
AnchorPeers:
- Host: peer1.base.right
Port: 9051
问题不在于此,但请检查您的频道申请政策部分,如果是管理员下的MAJORITY Admins必须由两个组织签署此频道更新。一旦通过所有交易(在这种情况下占多数)签署,您的更新就可以使用。
Application: &ApplicationDefaults
# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Application policies, their canonical path is
# /Channel/Application/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
如果仍然无法执行,请共享完整的configtx。