Hyperledger Fabric对等更新失败:签名集不满足策略

问题描述 投票:0回答:2

我有一个HLF网络,其中有两个组织(每个组织一个对等体)和三个订购节点,订购类型为木筏。对于第一个组织加入和同行,更新工作没有任何问题,但是对于第二个组织,我在同行更新中遇到了一些麻烦

这是我用于对等更新的命令

peer channel update \
    -o orderer1.base.order:7050 \
    -c basechannel \
    -f ./channel-artifacts/BaseRightOrg.tx \
    --tls \
    --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/base.order/orderers/orderer1.base.order/msp/tlscacerts/tlsca.base.order-cert.pem

我得到的错误是

错误:出现意外状态:BAD_REQUEST-应用配置错误更新到现有频道“ basechannel”:授权更新时出错:验证DeltaSet时出错:[组]的策略/ Channel / Application / RightOrgMSP不满足:签名集不正确符合政策

这里是上述组织的configtx部分

 - &Org2
        Name: RightOrgMSP
        ID: RightOrgMSP
        MSPDir: crypto-config/peerOrganizations/base.right/msp
        Policies:
            Readers:
                Type: Signature
                Rule: "OR('RightOrgMSP.admin', 'RightOrgMSP.peer', 'RightOrgMSP.client','RightOrgMSP.member')"
            Writers:
                Type: Signature
                Rule: "OR('RightOrgMSP.admin','RightOrgMSP.peer', 'RightOrgMSP.client','RightOrgMSP.member')"
            Admins:
                Type: Signature
                Rule: "OR('LeftOrgMSP.admin','RightOrgMSP.peer')"
            Endorsement:
                Type: Signature
                Rule: "OR('RightOrgMSP.peer')"     

        AnchorPeers:
            - Host: peer1.base.right
              Port: 9051
hyperledger-fabric hyperledger
2个回答
0
投票

cafile

/ opt / gopath / src / github.com / hyperledger / fabric / peer / crypto / ordererOrganizations / base.order / orderers / orderer1.base.order / msp / tlscacerts / tlsca.base.order-cert.pem

在上面的行中更改证书的位置和密钥。

0
投票

在组织下的configtx中,您只能为该组织指定管理员,不能同时为两者指定。

 &Org2
    Name: RightOrgMSP
    ID: RightOrgMSP
    MSPDir: crypto-config/peerOrganizations/base.right/msp
    Policies:
        Readers:
            Type: Signature
            Rule: "OR('RightOrgMSP.admin', 'RightOrgMSP.peer', 'RightOrgMSP.client','RightOrgMSP.member')"
        Writers:
            Type: Signature
            Rule: "OR('RightOrgMSP.admin','RightOrgMSP.peer', 'RightOrgMSP.client','RightOrgMSP.member')"
        Admins:
            Type: Signature
            Rule: "OR('RightOrgMSP.admin')"
        Endorsement:
            Type: Signature
            Rule: "OR('RightOrgMSP.peer')"     

    AnchorPeers:
        - Host: peer1.base.right
          Port: 9051

问题不在于此,但请检查您的频道申请政策部分,如果是管理员下的MAJORITY Admins必须由两个组织签署此频道更新。一旦通过所有交易(在这种情况下占多数)签署,您的更新就可以使用。

Application: &ApplicationDefaults

# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:

# Policies defines the set of policies at this level of the config tree
# For Application policies, their canonical path is
#   /Channel/Application/<PolicyName>
Policies:
    Readers:
        Type: ImplicitMeta
        Rule: "ANY Readers"
    Writers:
        Type: ImplicitMeta
        Rule: "ANY Writers"
    Admins:
        Type: ImplicitMeta
        Rule: "MAJORITY Admins"

如果仍然无法执行,请共享完整的configtx。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.