From 9e8b744823a6d9a0dd5cd4d84baf57385855d0a0 Mon Sep 17 00:00:00 2001 From: Gopal Unnikrishnan Date: Sun, 13 Mar 2022 21:39:35 -0500 Subject: [PATCH] Configure explorer --- explorer/config.json | 9 + explorer/connection-profile/test-network.json | 48 +++ explorer/docker-compose.yaml | 58 +++ explorer/organizations/ccp-generate.sh | 45 ++ explorer/organizations/ccp-template.json | 49 +++ explorer/organizations/ccp-template.yaml | 35 ++ .../cryptogen/crypto-config-orderer.yaml | 22 + .../cryptogen/crypto-config-org1.yaml | 61 +++ .../cryptogen/crypto-config-org2.yaml | 61 +++ .../fabric-ca/ordererOrg/IssuerPublicKey | Bin 0 -> 843 bytes .../ordererOrg/IssuerRevocationPublicKey | 5 + .../fabric-ca/ordererOrg/ca-cert.pem | 13 + .../ordererOrg/fabric-ca-server-config.yaml | 406 ++++++++++++++++++ .../fabric-ca/ordererOrg/fabric-ca-server.db | Bin 0 -> 65536 bytes ...6cbd1ffd05d03c62d18ecde3bb8fdd72c9ef593_sk | 5 + .../msp/keystore/IssuerRevocationPrivateKey | 6 + .../ordererOrg/msp/keystore/IssuerSecretKey | 1 + ...4e67082fa64ba211b0bcfb14c9384576452aca4_sk | 5 + .../fabric-ca/ordererOrg/tls-cert.pem | 15 + .../fabric-ca/org1/IssuerPublicKey | 20 + .../fabric-ca/org1/IssuerRevocationPublicKey | 5 + .../organizations/fabric-ca/org1/ca-cert.pem | 14 + .../org1/fabric-ca-server-config.yaml | 406 ++++++++++++++++++ .../fabric-ca/org1/fabric-ca-server.db | Bin 0 -> 69632 bytes ...f97cd688fd75494544bbccb4ae6aa51c6d9e7dc_sk | 5 + ...ca3f590206f5516d4818573b89daa5f269726c2_sk | 5 + .../msp/keystore/IssuerRevocationPrivateKey | 6 + .../org1/msp/keystore/IssuerSecretKey | 1 + .../organizations/fabric-ca/org1/tls-cert.pem | 16 + .../fabric-ca/org2/IssuerPublicKey | Bin 0 -> 843 bytes .../fabric-ca/org2/IssuerRevocationPublicKey | 5 + .../organizations/fabric-ca/org2/ca-cert.pem | 14 + .../org2/fabric-ca-server-config.yaml | 406 ++++++++++++++++++ .../fabric-ca/org2/fabric-ca-server.db | Bin 0 -> 65536 bytes ...d01cc262fb531e911a26f5e43f1e7e8d78adbb1_sk | 5 + .../msp/keystore/IssuerRevocationPrivateKey | 6 + .../org2/msp/keystore/IssuerSecretKey | 1 + ...faa085e17d9f8e8cc2eb14ec4bf6e6e1bc7dd25_sk | 5 + .../organizations/fabric-ca/org2/tls-cert.pem | 16 + .../organizations/fabric-ca/registerEnroll.sh | 247 +++++++++++ .../example.com/fabric-ca-client-config.yaml | 168 ++++++++ .../example.com/msp/IssuerPublicKey | Bin 0 -> 843 bytes .../example.com/msp/IssuerRevocationPublicKey | 5 + .../msp/cacerts/localhost-9054-ca-orderer.pem | 13 + .../example.com/msp/config.yaml | 14 + ...d0972c91901c26f70220415bb8773a9f95211a6_sk | 5 + .../example.com/msp/signcerts/cert.pem | 14 + .../msp/tlscacerts/tlsca.example.com-cert.pem | 13 + .../orderer.example.com/msp/IssuerPublicKey | Bin 0 -> 843 bytes .../msp/IssuerRevocationPublicKey | 5 + .../msp/cacerts/localhost-9054-ca-orderer.pem | 13 + .../orderer.example.com/msp/config.yaml | 14 + ...3dd0752204815703041f7399e0e163b98ec2007_sk | 5 + .../msp/signcerts/cert.pem | 17 + .../msp/tlscacerts/tlsca.example.com-cert.pem | 13 + .../orderer.example.com/tls/IssuerPublicKey | Bin 0 -> 843 bytes .../tls/IssuerRevocationPublicKey | 5 + .../orderers/orderer.example.com/tls/ca.crt | 13 + ...49a2a9e0a631f39f3078ca3a944d91e22bba88a_sk | 5 + .../orderer.example.com/tls/server.crt | 18 + .../orderer.example.com/tls/server.key | 5 + .../tls/signcerts/cert.pem | 18 + .../tls-localhost-9054-ca-orderer.pem | 13 + .../tlsca/tlsca.example.com-cert.pem | 13 + .../Admin@example.com/msp/IssuerPublicKey | Bin 0 -> 843 bytes .../msp/IssuerRevocationPublicKey | 5 + .../msp/cacerts/localhost-9054-ca-orderer.pem | 13 + .../users/Admin@example.com/msp/config.yaml | 14 + ...4e41228191e35af730dcedc2c10bdbc5d4540ee_sk | 5 + .../Admin@example.com/msp/signcerts/cert.pem | 16 + .../ca/ca.org1.example.com-cert.pem | 14 + .../org1.example.com/connection-org1.json | 49 +++ .../org1.example.com/connection-org1.yaml | 63 +++ .../fabric-ca-client-config.yaml | 168 ++++++++ .../org1.example.com/msp/IssuerPublicKey | 20 + .../msp/IssuerRevocationPublicKey | 5 + .../msp/cacerts/localhost-7054-ca-org1.pem | 14 + .../org1.example.com/msp/config.yaml | 14 + ...48c959f39e88cd1ea643003cb9c25d1e80a8094_sk | 5 + .../org1.example.com/msp/signcerts/cert.pem | 15 + .../org1.example.com/msp/tlscacerts/ca.crt | 14 + .../msp/IssuerPublicKey | 20 + .../msp/IssuerRevocationPublicKey | 5 + .../msp/cacerts/localhost-7054-ca-org1.pem | 14 + .../peer0.org1.example.com/msp/config.yaml | 14 + ...2d4b59196821d9e65d40ec2075220ee7926bcf0_sk | 5 + .../msp/signcerts/cert.pem | 17 + .../tls/IssuerPublicKey | 20 + .../tls/IssuerRevocationPublicKey | 5 + .../peers/peer0.org1.example.com/tls/ca.crt | 14 + ...9284bc0596bbea0df8abd3930d5ace10b95e308_sk | 5 + .../peer0.org1.example.com/tls/server.crt | 18 + .../peer0.org1.example.com/tls/server.key | 5 + .../tls/signcerts/cert.pem | 18 + .../tlscacerts/tls-localhost-7054-ca-org1.pem | 14 + .../tlsca/tlsca.org1.example.com-cert.pem | 14 + .../msp/IssuerPublicKey | 20 + .../msp/IssuerRevocationPublicKey | 5 + .../msp/cacerts/localhost-7054-ca-org1.pem | 14 + .../Admin@org1.example.com/msp/config.yaml | 14 + ...453cd790823fc21cf9114cd0ba593f1676220f0_sk | 5 + .../msp/signcerts/cert.pem | 17 + .../msp/IssuerPublicKey | 20 + .../msp/IssuerRevocationPublicKey | 5 + .../msp/cacerts/localhost-7054-ca-org1.pem | 14 + .../User1@org1.example.com/msp/config.yaml | 14 + ...c7545fb7ced2b20d42dbb687ee012db747ac552_sk | 5 + .../msp/signcerts/cert.pem | 16 + .../ca/ca.org2.example.com-cert.pem | 14 + .../org2.example.com/connection-org2.json | 49 +++ .../org2.example.com/connection-org2.yaml | 63 +++ .../fabric-ca-client-config.yaml | 168 ++++++++ .../org2.example.com/msp/IssuerPublicKey | Bin 0 -> 843 bytes .../msp/IssuerRevocationPublicKey | 5 + .../msp/cacerts/localhost-8054-ca-org2.pem | 14 + .../org2.example.com/msp/config.yaml | 14 + ...16b3f8b3100622aac49b6b383996b9a836e13e7_sk | 5 + .../org2.example.com/msp/signcerts/cert.pem | 14 + .../org2.example.com/msp/tlscacerts/ca.crt | 14 + .../msp/IssuerPublicKey | Bin 0 -> 843 bytes .../msp/IssuerRevocationPublicKey | 5 + .../msp/cacerts/localhost-8054-ca-org2.pem | 14 + .../peer0.org2.example.com/msp/config.yaml | 14 + ...9ae79002529e0e42fa8b4e6e7774fbe6bf08a4a_sk | 5 + .../msp/signcerts/cert.pem | 17 + .../tls/IssuerPublicKey | Bin 0 -> 843 bytes .../tls/IssuerRevocationPublicKey | 5 + .../peers/peer0.org2.example.com/tls/ca.crt | 14 + ...7f053052b4d7b36ffe96dec623039eca175b080_sk | 5 + .../peer0.org2.example.com/tls/server.crt | 18 + .../peer0.org2.example.com/tls/server.key | 5 + .../tls/signcerts/cert.pem | 18 + .../tlscacerts/tls-localhost-8054-ca-org2.pem | 14 + .../tlsca/tlsca.org2.example.com-cert.pem | 14 + .../msp/IssuerPublicKey | Bin 0 -> 843 bytes .../msp/IssuerRevocationPublicKey | 5 + .../msp/cacerts/localhost-8054-ca-org2.pem | 14 + .../Admin@org2.example.com/msp/config.yaml | 14 + ...7e1040b36bf1133cf6b18d58c8e1ddcc56fee86_sk | 5 + .../msp/signcerts/cert.pem | 17 + .../msp/IssuerPublicKey | Bin 0 -> 843 bytes .../msp/IssuerRevocationPublicKey | 5 + .../msp/cacerts/localhost-8054-ca-org2.pem | 14 + .../User1@org2.example.com/msp/config.yaml | 14 + ...7d84f019d00d0e79190465b41d6da36ec6d86d4_sk | 5 + .../msp/signcerts/cert.pem | 16 + supply-chain-client/invoker.js | 6 +- supply-chain-client/transUtil.js | 22 + 148 files changed, 3829 insertions(+), 3 deletions(-) create mode 100644 explorer/config.json create mode 100644 explorer/connection-profile/test-network.json create mode 100644 explorer/docker-compose.yaml create mode 100644 explorer/organizations/ccp-generate.sh create mode 100644 explorer/organizations/ccp-template.json create mode 100644 explorer/organizations/ccp-template.yaml create mode 100644 explorer/organizations/cryptogen/crypto-config-orderer.yaml create mode 100644 explorer/organizations/cryptogen/crypto-config-org1.yaml create mode 100644 explorer/organizations/cryptogen/crypto-config-org2.yaml create mode 100644 explorer/organizations/fabric-ca/ordererOrg/IssuerPublicKey create mode 100644 explorer/organizations/fabric-ca/ordererOrg/IssuerRevocationPublicKey create mode 100644 explorer/organizations/fabric-ca/ordererOrg/ca-cert.pem create mode 100644 explorer/organizations/fabric-ca/ordererOrg/fabric-ca-server-config.yaml create mode 100644 explorer/organizations/fabric-ca/ordererOrg/fabric-ca-server.db create mode 100644 explorer/organizations/fabric-ca/ordererOrg/msp/keystore/37b5497d94171efb139a37abd6cbd1ffd05d03c62d18ecde3bb8fdd72c9ef593_sk create mode 100644 explorer/organizations/fabric-ca/ordererOrg/msp/keystore/IssuerRevocationPrivateKey create mode 100644 explorer/organizations/fabric-ca/ordererOrg/msp/keystore/IssuerSecretKey create mode 100644 explorer/organizations/fabric-ca/ordererOrg/msp/keystore/c59dcdd50bd462475768db4694e67082fa64ba211b0bcfb14c9384576452aca4_sk create mode 100644 explorer/organizations/fabric-ca/ordererOrg/tls-cert.pem create mode 100644 explorer/organizations/fabric-ca/org1/IssuerPublicKey create mode 100644 explorer/organizations/fabric-ca/org1/IssuerRevocationPublicKey create mode 100644 explorer/organizations/fabric-ca/org1/ca-cert.pem create mode 100644 explorer/organizations/fabric-ca/org1/fabric-ca-server-config.yaml create mode 100644 explorer/organizations/fabric-ca/org1/fabric-ca-server.db create mode 100644 explorer/organizations/fabric-ca/org1/msp/keystore/68df689393af8f641a514adaff97cd688fd75494544bbccb4ae6aa51c6d9e7dc_sk create mode 100644 explorer/organizations/fabric-ca/org1/msp/keystore/823968278fd5d66ab74076163ca3f590206f5516d4818573b89daa5f269726c2_sk create mode 100644 explorer/organizations/fabric-ca/org1/msp/keystore/IssuerRevocationPrivateKey create mode 100644 explorer/organizations/fabric-ca/org1/msp/keystore/IssuerSecretKey create mode 100644 explorer/organizations/fabric-ca/org1/tls-cert.pem create mode 100644 explorer/organizations/fabric-ca/org2/IssuerPublicKey create mode 100644 explorer/organizations/fabric-ca/org2/IssuerRevocationPublicKey create mode 100644 explorer/organizations/fabric-ca/org2/ca-cert.pem create mode 100644 explorer/organizations/fabric-ca/org2/fabric-ca-server-config.yaml create mode 100644 explorer/organizations/fabric-ca/org2/fabric-ca-server.db create mode 100644 explorer/organizations/fabric-ca/org2/msp/keystore/605e9fc837e1cfbbaae5243dfd01cc262fb531e911a26f5e43f1e7e8d78adbb1_sk create mode 100644 explorer/organizations/fabric-ca/org2/msp/keystore/IssuerRevocationPrivateKey create mode 100644 explorer/organizations/fabric-ca/org2/msp/keystore/IssuerSecretKey create mode 100644 explorer/organizations/fabric-ca/org2/msp/keystore/df47e6d8568f0c9b32ada1509faa085e17d9f8e8cc2eb14ec4bf6e6e1bc7dd25_sk create mode 100644 explorer/organizations/fabric-ca/org2/tls-cert.pem create mode 100644 explorer/organizations/fabric-ca/registerEnroll.sh create mode 100644 explorer/organizations/ordererOrganizations/example.com/fabric-ca-client-config.yaml create mode 100644 explorer/organizations/ordererOrganizations/example.com/msp/IssuerPublicKey create mode 100644 explorer/organizations/ordererOrganizations/example.com/msp/IssuerRevocationPublicKey create mode 100644 explorer/organizations/ordererOrganizations/example.com/msp/cacerts/localhost-9054-ca-orderer.pem create mode 100644 explorer/organizations/ordererOrganizations/example.com/msp/config.yaml create mode 100644 explorer/organizations/ordererOrganizations/example.com/msp/keystore/03020d5808061bd621cb773e2d0972c91901c26f70220415bb8773a9f95211a6_sk create mode 100644 explorer/organizations/ordererOrganizations/example.com/msp/signcerts/cert.pem create mode 100644 explorer/organizations/ordererOrganizations/example.com/msp/tlscacerts/tlsca.example.com-cert.pem create mode 100644 explorer/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/IssuerPublicKey create mode 100644 explorer/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/IssuerRevocationPublicKey create mode 100644 explorer/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/cacerts/localhost-9054-ca-orderer.pem create mode 100644 explorer/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/config.yaml create mode 100644 explorer/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/keystore/166d06ceec9747aa34d0308773dd0752204815703041f7399e0e163b98ec2007_sk create mode 100644 explorer/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/signcerts/cert.pem create mode 100644 explorer/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem create mode 100644 explorer/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/IssuerPublicKey create mode 100644 explorer/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/IssuerRevocationPublicKey create mode 100644 explorer/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/ca.crt create mode 100644 explorer/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/keystore/2341c52f926acddd8e98fb38e49a2a9e0a631f39f3078ca3a944d91e22bba88a_sk create mode 100644 explorer/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt create mode 100644 explorer/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.key create mode 100644 explorer/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/signcerts/cert.pem create mode 100644 explorer/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/tlscacerts/tls-localhost-9054-ca-orderer.pem create mode 100644 explorer/organizations/ordererOrganizations/example.com/tlsca/tlsca.example.com-cert.pem create mode 100644 explorer/organizations/ordererOrganizations/example.com/users/Admin@example.com/msp/IssuerPublicKey create mode 100644 explorer/organizations/ordererOrganizations/example.com/users/Admin@example.com/msp/IssuerRevocationPublicKey create mode 100644 explorer/organizations/ordererOrganizations/example.com/users/Admin@example.com/msp/cacerts/localhost-9054-ca-orderer.pem create mode 100644 explorer/organizations/ordererOrganizations/example.com/users/Admin@example.com/msp/config.yaml create mode 100644 explorer/organizations/ordererOrganizations/example.com/users/Admin@example.com/msp/keystore/11411ee96dce74e321dfec6b44e41228191e35af730dcedc2c10bdbc5d4540ee_sk create mode 100644 explorer/organizations/ordererOrganizations/example.com/users/Admin@example.com/msp/signcerts/cert.pem create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/ca/ca.org1.example.com-cert.pem create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/connection-org1.json create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/connection-org1.yaml create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/fabric-ca-client-config.yaml create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/msp/IssuerPublicKey create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/msp/IssuerRevocationPublicKey create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/msp/cacerts/localhost-7054-ca-org1.pem create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/msp/config.yaml create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/msp/keystore/6e055ecc17cd8ed623c78120048c959f39e88cd1ea643003cb9c25d1e80a8094_sk create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/msp/signcerts/cert.pem create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/msp/tlscacerts/ca.crt create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp/IssuerPublicKey create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp/IssuerRevocationPublicKey create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp/cacerts/localhost-7054-ca-org1.pem create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp/config.yaml create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp/keystore/56e21e63ff1e4383eade906022d4b59196821d9e65d40ec2075220ee7926bcf0_sk create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp/signcerts/cert.pem create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/IssuerPublicKey create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/IssuerRevocationPublicKey create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/keystore/c8e2dc5fa2ae977a0d5e805329284bc0596bbea0df8abd3930d5ace10b95e308_sk create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/signcerts/cert.pem create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/tlscacerts/tls-localhost-7054-ca-org1.pem create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/tlsca/tlsca.org1.example.com-cert.pem create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp/IssuerPublicKey create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp/IssuerRevocationPublicKey create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp/cacerts/localhost-7054-ca-org1.pem create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp/config.yaml create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp/keystore/3e704a30d32dd0c70b91c1740453cd790823fc21cf9114cd0ba593f1676220f0_sk create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp/signcerts/cert.pem create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/users/User1@org1.example.com/msp/IssuerPublicKey create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/users/User1@org1.example.com/msp/IssuerRevocationPublicKey create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/users/User1@org1.example.com/msp/cacerts/localhost-7054-ca-org1.pem create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/users/User1@org1.example.com/msp/config.yaml create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/users/User1@org1.example.com/msp/keystore/8410b52bc8d92c014422b7ee9c7545fb7ced2b20d42dbb687ee012db747ac552_sk create mode 100644 explorer/organizations/peerOrganizations/org1.example.com/users/User1@org1.example.com/msp/signcerts/cert.pem create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/ca/ca.org2.example.com-cert.pem create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/connection-org2.json create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/connection-org2.yaml create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/fabric-ca-client-config.yaml create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/msp/IssuerPublicKey create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/msp/IssuerRevocationPublicKey create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/msp/cacerts/localhost-8054-ca-org2.pem create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/msp/config.yaml create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/msp/keystore/5740f3374a28590a609489a3f16b3f8b3100622aac49b6b383996b9a836e13e7_sk create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/msp/signcerts/cert.pem create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/msp/tlscacerts/ca.crt create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp/IssuerPublicKey create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp/IssuerRevocationPublicKey create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp/cacerts/localhost-8054-ca-org2.pem create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp/config.yaml create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp/keystore/0d0763e2b8f5df41e2aef15ed9ae79002529e0e42fa8b4e6e7774fbe6bf08a4a_sk create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp/signcerts/cert.pem create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/IssuerPublicKey create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/IssuerRevocationPublicKey create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/keystore/970d572c12dc5e88e356103647f053052b4d7b36ffe96dec623039eca175b080_sk create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.crt create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.key create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/signcerts/cert.pem create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/tlscacerts/tls-localhost-8054-ca-org2.pem create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/tlsca/tlsca.org2.example.com-cert.pem create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp/IssuerPublicKey create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp/IssuerRevocationPublicKey create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp/cacerts/localhost-8054-ca-org2.pem create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp/config.yaml create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp/keystore/36dba2a3e39c661c2e4b078ce7e1040b36bf1133cf6b18d58c8e1ddcc56fee86_sk create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp/signcerts/cert.pem create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/users/User1@org2.example.com/msp/IssuerPublicKey create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/users/User1@org2.example.com/msp/IssuerRevocationPublicKey create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/users/User1@org2.example.com/msp/cacerts/localhost-8054-ca-org2.pem create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/users/User1@org2.example.com/msp/config.yaml create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/users/User1@org2.example.com/msp/keystore/4f64511357133bdf757f2f3127d84f019d00d0e79190465b41d6da36ec6d86d4_sk create mode 100644 explorer/organizations/peerOrganizations/org2.example.com/users/User1@org2.example.com/msp/signcerts/cert.pem create mode 100644 supply-chain-client/transUtil.js diff --git a/explorer/config.json b/explorer/config.json new file mode 100644 index 00000000..f99d37b5 --- /dev/null +++ b/explorer/config.json @@ -0,0 +1,9 @@ +{ + "network-configs": { + "test-network": { + "name": "Test Network", + "profile": "./connection-profile/test-network.json" + } + }, + "license": "Apache-2.0" +} diff --git a/explorer/connection-profile/test-network.json b/explorer/connection-profile/test-network.json new file mode 100644 index 00000000..e184547f --- /dev/null +++ b/explorer/connection-profile/test-network.json @@ -0,0 +1,48 @@ +{ + "name": "test-network", + "version": "1.0.0", + "client": { + "tlsEnable": true, + "adminCredential": { + "id": "exploreradmin", + "password": "exploreradminpw" + }, + "enableAuthentication": true, + "organization": "Org1MSP", + "connection": { + "timeout": { + "peer": { + "endorser": "300" + }, + "orderer": "300" + } + } + }, + "channels": { + "mychannel": { + "peers": { + "peer0.org1.example.com": {} + } + } + }, + "organizations": { + "Org1MSP": { + "mspid": "Org1MSP", + "adminPrivateKey": { + "path": "/tmp/crypto/peerOrganizations/org1.example.com/users/User1@org1.example.com/msp/keystore/8410b52bc8d92c014422b7ee9c7545fb7ced2b20d42dbb687ee012db747ac552_sk" + }, + "peers": ["peer0.org1.example.com"], + "signedCert": { + "path": "/tmp/crypto/peerOrganizations/org1.example.com/users/User1@org1.example.com/msp/signcerts/cert.pem" + } + } + }, + "peers": { + "peer0.org1.example.com": { + "tlsCACerts": { + "path": "/tmp/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt" + }, + "url": "grpcs://peer0.org1.example.com:7051" + } + } +} diff --git a/explorer/docker-compose.yaml b/explorer/docker-compose.yaml new file mode 100644 index 00000000..cd2edefd --- /dev/null +++ b/explorer/docker-compose.yaml @@ -0,0 +1,58 @@ +# SPDX-License-Identifier: Apache-2.0 +version: '2.1' + +volumes: + pgdata: + walletstore: + +networks: + mynetwork.com: + external: + name: fabric_test + +services: + + explorerdb.mynetwork.com: + image: hyperledger/explorer-db:latest + container_name: explorerdb.mynetwork.com + hostname: explorerdb.mynetwork.com + environment: + - DATABASE_DATABASE=fabricexplorer + - DATABASE_USERNAME=hppoc + - DATABASE_PASSWORD=password + healthcheck: + test: "pg_isready -h localhost -p 5432 -q -U postgres" + interval: 30s + timeout: 10s + retries: 5 + volumes: + - pgdata:/var/lib/postgresql/data + networks: + - mynetwork.com + + explorer.mynetwork.com: + image: hyperledger/explorer:latest + container_name: explorer.mynetwork.com + hostname: explorer.mynetwork.com + environment: + - DATABASE_HOST=explorerdb.mynetwork.com + - DATABASE_DATABASE=fabricexplorer + - DATABASE_USERNAME=hppoc + - DATABASE_PASSWD=password + - LOG_LEVEL_APP=info + - LOG_LEVEL_DB=info + - LOG_LEVEL_CONSOLE=debug + - LOG_CONSOLE_STDOUT=true + - DISCOVERY_AS_LOCALHOST=false + volumes: + - ./config.json:/opt/explorer/app/platform/fabric/config.json + - ./connection-profile:/opt/explorer/app/platform/fabric/connection-profile + - ./organizations:/tmp/crypto + - walletstore:/opt/explorer/wallet + ports: + - 8080:8080 + depends_on: + explorerdb.mynetwork.com: + condition: service_healthy + networks: + - mynetwork.com \ No newline at end of file diff --git a/explorer/organizations/ccp-generate.sh b/explorer/organizations/ccp-generate.sh new file mode 100644 index 00000000..7e091d0b --- /dev/null +++ b/explorer/organizations/ccp-generate.sh @@ -0,0 +1,45 @@ +#!/bin/bash + +function one_line_pem { + echo "`awk 'NF {sub(/\\n/, ""); printf "%s\\\\\\\n",$0;}' $1`" +} + +function json_ccp { + local PP=$(one_line_pem $4) + local CP=$(one_line_pem $5) + sed -e "s/\${ORG}/$1/" \ + -e "s/\${P0PORT}/$2/" \ + -e "s/\${CAPORT}/$3/" \ + -e "s#\${PEERPEM}#$PP#" \ + -e "s#\${CAPEM}#$CP#" \ + organizations/ccp-template.json +} + +function yaml_ccp { + local PP=$(one_line_pem $4) + local CP=$(one_line_pem $5) + sed -e "s/\${ORG}/$1/" \ + -e "s/\${P0PORT}/$2/" \ + -e "s/\${CAPORT}/$3/" \ + -e "s#\${PEERPEM}#$PP#" \ + -e "s#\${CAPEM}#$CP#" \ + organizations/ccp-template.yaml | sed -e $'s/\\\\n/\\\n /g' +} + +ORG=1 +P0PORT=7051 +CAPORT=7054 +PEERPEM=organizations/peerOrganizations/org1.example.com/tlsca/tlsca.org1.example.com-cert.pem +CAPEM=organizations/peerOrganizations/org1.example.com/ca/ca.org1.example.com-cert.pem + +echo "$(json_ccp $ORG $P0PORT $CAPORT $PEERPEM $CAPEM)" > organizations/peerOrganizations/org1.example.com/connection-org1.json +echo "$(yaml_ccp $ORG $P0PORT $CAPORT $PEERPEM $CAPEM)" > organizations/peerOrganizations/org1.example.com/connection-org1.yaml + +ORG=2 +P0PORT=9051 +CAPORT=8054 +PEERPEM=organizations/peerOrganizations/org2.example.com/tlsca/tlsca.org2.example.com-cert.pem +CAPEM=organizations/peerOrganizations/org2.example.com/ca/ca.org2.example.com-cert.pem + +echo "$(json_ccp $ORG $P0PORT $CAPORT $PEERPEM $CAPEM)" > organizations/peerOrganizations/org2.example.com/connection-org2.json +echo "$(yaml_ccp $ORG $P0PORT $CAPORT $PEERPEM $CAPEM)" > organizations/peerOrganizations/org2.example.com/connection-org2.yaml diff --git a/explorer/organizations/ccp-template.json b/explorer/organizations/ccp-template.json new file mode 100644 index 00000000..e945bfe9 --- /dev/null +++ b/explorer/organizations/ccp-template.json @@ -0,0 +1,49 @@ +{ + "name": "test-network-org${ORG}", + "version": "1.0.0", + "client": { + "organization": "Org${ORG}", + "connection": { + "timeout": { + "peer": { + "endorser": "300" + } + } + } + }, + "organizations": { + "Org${ORG}": { + "mspid": "Org${ORG}MSP", + "peers": [ + "peer0.org${ORG}.example.com" + ], + "certificateAuthorities": [ + "ca.org${ORG}.example.com" + ] + } + }, + "peers": { + "peer0.org${ORG}.example.com": { + "url": "grpcs://localhost:${P0PORT}", + "tlsCACerts": { + "pem": "${PEERPEM}" + }, + "grpcOptions": { + "ssl-target-name-override": "peer0.org${ORG}.example.com", + "hostnameOverride": "peer0.org${ORG}.example.com" + } + } + }, + "certificateAuthorities": { + "ca.org${ORG}.example.com": { + "url": "https://localhost:${CAPORT}", + "caName": "ca-org${ORG}", + "tlsCACerts": { + "pem": ["${CAPEM}"] + }, + "httpOptions": { + "verify": false + } + } + } +} diff --git a/explorer/organizations/ccp-template.yaml b/explorer/organizations/ccp-template.yaml new file mode 100644 index 00000000..b675c186 --- /dev/null +++ b/explorer/organizations/ccp-template.yaml @@ -0,0 +1,35 @@ +--- +name: test-network-org${ORG} +version: 1.0.0 +client: + organization: Org${ORG} + connection: + timeout: + peer: + endorser: '300' +organizations: + Org${ORG}: + mspid: Org${ORG}MSP + peers: + - peer0.org${ORG}.example.com + certificateAuthorities: + - ca.org${ORG}.example.com +peers: + peer0.org${ORG}.example.com: + url: grpcs://localhost:${P0PORT} + tlsCACerts: + pem: | + ${PEERPEM} + grpcOptions: + ssl-target-name-override: peer0.org${ORG}.example.com + hostnameOverride: peer0.org${ORG}.example.com +certificateAuthorities: + ca.org${ORG}.example.com: + url: https://localhost:${CAPORT} + caName: ca-org${ORG} + tlsCACerts: + pem: + - | + ${CAPEM} + httpOptions: + verify: false diff --git a/explorer/organizations/cryptogen/crypto-config-orderer.yaml b/explorer/organizations/cryptogen/crypto-config-orderer.yaml new file mode 100644 index 00000000..6c5e7668 --- /dev/null +++ b/explorer/organizations/cryptogen/crypto-config-orderer.yaml @@ -0,0 +1,22 @@ +# Copyright IBM Corp. All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +# + +# --------------------------------------------------------------------------- +# "OrdererOrgs" - Definition of organizations managing orderer nodes +# --------------------------------------------------------------------------- +OrdererOrgs: + # --------------------------------------------------------------------------- + # Orderer + # --------------------------------------------------------------------------- + - Name: Orderer + Domain: example.com + EnableNodeOUs: true + # --------------------------------------------------------------------------- + # "Specs" - See PeerOrgs for complete description + # --------------------------------------------------------------------------- + Specs: + - Hostname: orderer + SANS: + - localhost diff --git a/explorer/organizations/cryptogen/crypto-config-org1.yaml b/explorer/organizations/cryptogen/crypto-config-org1.yaml new file mode 100644 index 00000000..40738450 --- /dev/null +++ b/explorer/organizations/cryptogen/crypto-config-org1.yaml @@ -0,0 +1,61 @@ +# Copyright IBM Corp. All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +# + + +# --------------------------------------------------------------------------- +# "PeerOrgs" - Definition of organizations managing peer nodes +# --------------------------------------------------------------------------- +PeerOrgs: + # --------------------------------------------------------------------------- + # Org1 + # --------------------------------------------------------------------------- + - Name: Org1 + Domain: org1.example.com + EnableNodeOUs: true + # --------------------------------------------------------------------------- + # "Specs" + # --------------------------------------------------------------------------- + # Uncomment this section to enable the explicit definition of hosts in your + # configuration. Most users will want to use Template, below + # + # Specs is an array of Spec entries. Each Spec entry consists of two fields: + # - Hostname: (Required) The desired hostname, sans the domain. + # - CommonName: (Optional) Specifies the template or explicit override for + # the CN. By default, this is the template: + # + # "{{.Hostname}}.{{.Domain}}" + # + # which obtains its values from the Spec.Hostname and + # Org.Domain, respectively. + # --------------------------------------------------------------------------- + # - Hostname: foo # implicitly "foo.org1.example.com" + # CommonName: foo27.org5.example.com # overrides Hostname-based FQDN set above + # - Hostname: bar + # - Hostname: baz + # --------------------------------------------------------------------------- + # "Template" + # --------------------------------------------------------------------------- + # Allows for the definition of 1 or more hosts that are created sequentially + # from a template. By default, this looks like "peer%d" from 0 to Count-1. + # You may override the number of nodes (Count), the starting index (Start) + # or the template used to construct the name (Hostname). + # + # Note: Template and Specs are not mutually exclusive. You may define both + # sections and the aggregate nodes will be created for you. Take care with + # name collisions + # --------------------------------------------------------------------------- + Template: + Count: 1 + SANS: + - localhost + # Start: 5 + # Hostname: {{.Prefix}}{{.Index}} # default + # --------------------------------------------------------------------------- + # "Users" + # --------------------------------------------------------------------------- + # Count: The number of user accounts _in addition_ to Admin + # --------------------------------------------------------------------------- + Users: + Count: 1 diff --git a/explorer/organizations/cryptogen/crypto-config-org2.yaml b/explorer/organizations/cryptogen/crypto-config-org2.yaml new file mode 100644 index 00000000..6298ff6d --- /dev/null +++ b/explorer/organizations/cryptogen/crypto-config-org2.yaml @@ -0,0 +1,61 @@ +# Copyright IBM Corp. All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +# + +# --------------------------------------------------------------------------- +# "PeerOrgs" - Definition of organizations managing peer nodes +# --------------------------------------------------------------------------- +PeerOrgs: + # --------------------------------------------------------------------------- + # Org2 + # --------------------------------------------------------------------------- + - Name: Org2 + Domain: org2.example.com + EnableNodeOUs: true + # --------------------------------------------------------------------------- + # "Specs" + # --------------------------------------------------------------------------- + # Uncomment this section to enable the explicit definition of hosts in your + # configuration. Most users will want to use Template, below + # + # Specs is an array of Spec entries. Each Spec entry consists of two fields: + # - Hostname: (Required) The desired hostname, sans the domain. + # - CommonName: (Optional) Specifies the template or explicit override for + # the CN. By default, this is the template: + # + # "{{.Hostname}}.{{.Domain}}" + # + # which obtains its values from the Spec.Hostname and + # Org.Domain, respectively. + # --------------------------------------------------------------------------- + # Specs: + # - Hostname: foo # implicitly "foo.org1.example.com" + # CommonName: foo27.org5.example.com # overrides Hostname-based FQDN set above + # - Hostname: bar + # - Hostname: baz + # --------------------------------------------------------------------------- + # "Template" + # --------------------------------------------------------------------------- + # Allows for the definition of 1 or more hosts that are created sequentially + # from a template. By default, this looks like "peer%d" from 0 to Count-1. + # You may override the number of nodes (Count), the starting index (Start) + # or the template used to construct the name (Hostname). + # + # Note: Template and Specs are not mutually exclusive. You may define both + # sections and the aggregate nodes will be created for you. Take care with + # name collisions + # --------------------------------------------------------------------------- + Template: + Count: 1 + SANS: + - localhost + # Start: 5 + # Hostname: {{.Prefix}}{{.Index}} # default + # --------------------------------------------------------------------------- + # "Users" + # --------------------------------------------------------------------------- + # Count: The number of user accounts _in addition_ to Admin + # --------------------------------------------------------------------------- + Users: + Count: 1 diff --git a/explorer/organizations/fabric-ca/ordererOrg/IssuerPublicKey b/explorer/organizations/fabric-ca/ordererOrg/IssuerPublicKey new file mode 100644 index 0000000000000000000000000000000000000000..3c198c5e88fa3b77aa66ac0076c39dd6a40d7d00 GIT binary patch literal 843 zcmV-R1GM}K0#8*61X6EoWeN;MZgOvIY;9$3bV)=C5K?7!Z)0I}X>V>wVQyq>WfDXR zAdK$_^y=R`IS!r`WtQmIa^geI(`did&&lj3n(F={OcEf6A9;PweH1%Q%3m~}Guh4? zx)osbdFmPD4`~u&MtM1?7u0s?#|KVQnUuwf`L`aatf9bAg!bLG5V7uCQqL;k=siG zj%6jbq#qfxg0`iyO`e`Rzam5mAlE*W`-uS7<_+cZbofw${s)@x)* z`w}3870hE)ynu(;d-<0UE(d>0;D9wSokrs8if~|p19JZ&L<%6i-Npx;^A0^8l>7_HtSc!YdpAuSa zIx2_(3Lu1AttZkFt#Dn)P|UkWIcrOIq%in=G=eagAlD5T++Y$QOLhMDQ#vs9jJ#Ip zO3314KGX-Qen>dBSE#cLDGDHd>{P8K-`L0Q8D`~^A z#b6{Y+LL0LwAD`Hut?hd*OKz{5+JFwg%mMPy6-Z+tirLu^J4gYKJoa!)v4PAlhE?k zWsW*T3Ls9de`wlWN(S7pr>;t8$bH!C(a1!|u1h9$qv$x(3q%qiXr${kN~Pp*r|!x0 z!%;+_)JKJsu-m|TqHi~u`-S3?LLeELAeHAl=MD067v;@Q^C{b7rM&TXpix|D@(Jcr zcveavX@EVx7}fC-7(@6Wma:@:/ + # TLS configuration for the client connection to the LDAP server + tls: + certfiles: + client: + certfile: + keyfile: + # Attribute related configuration for mapping from LDAP entries to Fabric CA attributes + attribute: + # 'names' is an array of strings containing the LDAP attribute names which are + # requested from the LDAP server for an LDAP identity's entry + names: ['uid','member'] + # The 'converters' section is used to convert an LDAP entry to the value of + # a fabric CA attribute. + # For example, the following converts an LDAP 'uid' attribute + # whose value begins with 'revoker' to a fabric CA attribute + # named "hf.Revoker" with a value of "true" (because the boolean expression + # evaluates to true). + # converters: + # - name: hf.Revoker + # value: attr("uid") =~ "revoker*" + converters: + - name: + value: + # The 'maps' section contains named maps which may be referenced by the 'map' + # function in the 'converters' section to map LDAP responses to arbitrary values. + # For example, assume a user has an LDAP attribute named 'member' which has multiple + # values which are each a distinguished name (i.e. a DN). For simplicity, assume the + # values of the 'member' attribute are 'dn1', 'dn2', and 'dn3'. + # Further assume the following configuration. + # converters: + # - name: hf.Registrar.Roles + # value: map(attr("member"),"groups") + # maps: + # groups: + # - name: dn1 + # value: peer + # - name: dn2 + # value: client + # The value of the user's 'hf.Registrar.Roles' attribute is then computed to be + # "peer,client,dn3". This is because the value of 'attr("member")' is + # "dn1,dn2,dn3", and the call to 'map' with a 2nd argument of + # "group" replaces "dn1" with "peer" and "dn2" with "client". + maps: + groups: + - name: + value: + +############################################################################# +# Affiliations section. Fabric CA server can be bootstrapped with the +# affiliations specified in this section. Affiliations are specified as maps. +# For example: +# businessunit1: +# department1: +# - team1 +# businessunit2: +# - department2 +# - department3 +# +# Affiliations are hierarchical in nature. In the above example, +# department1 (used as businessunit1.department1) is the child of businessunit1. +# team1 (used as businessunit1.department1.team1) is the child of department1. +# department2 (used as businessunit2.department2) and department3 (businessunit2.department3) +# are children of businessunit2. +# Note: Affiliations are case sensitive except for the non-leaf affiliations +# (like businessunit1, department1, businessunit2) that are specified in the configuration file, +# which are always stored in lower case. +############################################################################# +affiliations: + org1: + - department1 + - department2 + org2: + - department1 + +############################################################################# +# Signing section +# +# The "default" subsection is used to sign enrollment certificates; +# the default expiration ("expiry" field) is "8760h", which is 1 year in hours. +# +# The "ca" profile subsection is used to sign intermediate CA certificates; +# the default expiration ("expiry" field) is "43800h" which is 5 years in hours. +# Note that "isca" is true, meaning that it issues a CA certificate. +# A maxpathlen of 0 means that the intermediate CA cannot issue other +# intermediate CA certificates, though it can still issue end entity certificates. +# (See RFC 5280, section 4.2.1.9) +# +# The "tls" profile subsection is used to sign TLS certificate requests; +# the default expiration ("expiry" field) is "8760h", which is 1 year in hours. +############################################################################# +signing: + default: + usage: + - digital signature + expiry: 8760h + profiles: + ca: + usage: + - cert sign + - crl sign + expiry: 43800h + caconstraint: + isca: true + maxpathlen: 0 + tls: + usage: + - signing + - key encipherment + - server auth + - client auth + - key agreement + expiry: 8760h + +########################################################################### +# Certificate Signing Request (CSR) section. +# This controls the creation of the root CA certificate. +# The expiration for the root CA certificate is configured with the +# "ca.expiry" field below, whose default value is "131400h" which is +# 15 years in hours. +# The pathlength field is used to limit CA certificate hierarchy as described +# in section 4.2.1.9 of RFC 5280. +# Examples: +# 1) No pathlength value means no limit is requested. +# 2) pathlength == 1 means a limit of 1 is requested which is the default for +# a root CA. This means the root CA can issue intermediate CA certificates, +# but these intermediate CAs may not in turn issue other CA certificates +# though they can still issue end entity certificates. +# 3) pathlength == 0 means a limit of 0 is requested; +# this is the default for an intermediate CA, which means it can not issue +# CA certificates though it can still issue end entity certificates. +########################################################################### +csr: + cn: ca.example.com + names: + - C: US + ST: "New York" + L: "New York" + O: example.com + OU: + hosts: + - localhost + - example.com + ca: + expiry: 131400h + pathlength: 1 + +############################################################################# +# BCCSP (BlockChain Crypto Service Provider) section is used to select which +# crypto library implementation to use +############################################################################# +bccsp: + default: SW + sw: + hash: SHA2 + security: 256 + filekeystore: + # The directory used for the software file-based keystore + keystore: msp/keystore + +############################################################################# +# Multi CA section +# +# Each Fabric CA server contains one CA by default. This section is used +# to configure multiple CAs in a single server. +# +# 1) --cacount +# Automatically generate non-default CAs. The names of these +# additional CAs are "ca1", "ca2", ... "caN", where "N" is +# This is particularly useful in a development environment to quickly set up +# multiple CAs. Note that, this config option is not applicable to intermediate CA server +# i.e., Fabric CA server that is started with intermediate.parentserver.url config +# option (-u command line option) +# +# 2) --cafiles +# For each CA config file in the list, generate a separate signing CA. Each CA +# config file in this list MAY contain all of the same elements as are found in +# the server config file except port, debug, and tls sections. +# +# Examples: +# fabric-ca-server start -b admin:adminpw --cacount 2 +# +# fabric-ca-server start -b admin:adminpw --cafiles ca/ca1/fabric-ca-server-config.yaml +# --cafiles ca/ca2/fabric-ca-server-config.yaml +# +############################################################################# + +cacount: + +cafiles: + +############################################################################# +# Intermediate CA section +# +# The relationship between servers and CAs is as follows: +# 1) A single server process may contain or function as one or more CAs. +# This is configured by the "Multi CA section" above. +# 2) Each CA is either a root CA or an intermediate CA. +# 3) Each intermediate CA has a parent CA which is either a root CA or another intermediate CA. +# +# This section pertains to configuration of #2 and #3. +# If the "intermediate.parentserver.url" property is set, +# then this is an intermediate CA with the specified parent +# CA. +# +# parentserver section +# url - The URL of the parent server +# caname - Name of the CA to enroll within the server +# +# enrollment section used to enroll intermediate CA with parent CA +# profile - Name of the signing profile to use in issuing the certificate +# label - Label to use in HSM operations +# +# tls section for secure socket connection +# certfiles - PEM-encoded list of trusted root certificate files +# client: +# certfile - PEM-encoded certificate file for when client authentication +# is enabled on server +# keyfile - PEM-encoded key file for when client authentication +# is enabled on server +############################################################################# +intermediate: + parentserver: + url: + caname: + + enrollment: + hosts: + profile: + label: + + tls: + certfiles: + client: + certfile: + keyfile: diff --git a/explorer/organizations/fabric-ca/ordererOrg/fabric-ca-server.db b/explorer/organizations/fabric-ca/ordererOrg/fabric-ca-server.db new file mode 100644 index 0000000000000000000000000000000000000000..a4444a09ac2a1bac157e9c14f97d0919033389e4 GIT binary patch literal 65536 zcmeI5O^oAMUcf7rs_LqA*Q9rLn%dC_ZKh{i>Y}>4Y$wjgpjBf#PU0j^;(Sy-R;`l1 z0x_jn4Z5Yl{~-i|IhFJ-^+XNUsV%|hNDI_YdjF0NObM)S|G6YYmvy>+S*&__b&Q9 zzrKnb8|OFZGqB{o$@$jWlkAUoZ~b&_ck3r>x8J^lg_xb+2>sIb-|h%oKMDWA8-E=Z zcjwzx@8_m0z#j+z0U+=NAaLua0deo~zK^8M5f8_OWFuSMRr&DofSb zNS&gKY~=pc;QNt>h7viVs!WcmJ|swT|53zN$A)Mg4<`dj9Y-Y7k|L#YJyL2Ei;p7W z#OYdN!eTA1$}t)r8=8stC2LDp&G?{1bY;zR5_liwj%|$ z{cuI9o8{Qw|6u3tt-Zayz;{o4z!Q|v_TSc5Q2Jii&~s3ohY@M+sN$oDGaso-bmNGw zsA-02h>n2-Kj)5PM9d3voUtKI(36bR*;f6OntCqSqsTy<9jn8!Wtszo-M$RC5r8q2 zt?^iuo#T;c+pabCXgca(beZ}FUY=z8``f?0_WOHZ|9arN-??PrwK89L&kbsTZYr9StF2|Z1)nF|-;eHY?PcG+N&L&Aj`2(P8_#z` zxAxwCJMetsS9xd+Wz{}?zr9k`Q@_YVRG*6)`YrTA4MZ9xPH3>#b=n)7;<6+t=l%VI z+gp22-@ZwR(@GrUr=NG8*LH60J$)MZfb=WxsRpF-P#^Ld)|o;whG>R)Q$T1%#2ceU z9;zct?p}7Sp*nMpyW&tWmpY;;+Rmxpu`xUzS=NR2c@%jm0Dd7z)x34<*4}&X1-^Tx z%g3s(Pes#~FP+;fHD3z2M)@qsbynvq>f1|xRegSHs`{l+e5}g*`{ef49{1i&En|rQ z>X(()yU*;s91 zOEZesj>rw8-OJAop1=8~kMz0jH?rlSY1zFpE-sJxcI4qu99*jT8x-qktfDrxs(x?O zE&GYDzGygHuGi{ddw2gUTYKN!yQ!z0j`Fzw5k!OLuX-aV9^Tqxzy9JR{*ZYwN4UGY z`-8RM?H{eZ@!{f00e*l5C8%|00?}B1fI{<@4WMTcpvnY{I6c$73+WGq!61iCK_Yn@^u*>!5J z-6He-q;ZzTx4wPf`+jr({rg?*345_v$))cw4Abz z7EV7|3hHuQbt&PMGM=q}wEp}%!8;G0Z|v=UAnaUHq3G8{h{bVryfdKr8I>HPw)RPRLy{QO@O|K$LD zw2oTYf1N%0CHY_fNB`0K2a~{^z2_Tm?|!em6WH1IiJr+F&)Ng6K9UVeuSpG3V<*N; zp3JLcwo1kqtsy~imcwPSVuR);M?^bciZ2Y=G|)Qy$}{JNjyfKw3R>V-8EUB^;`dh@ zcvc-U)#3{xR8`%uov}E6LS1YNEJgp7EBP%weO@0gMZ8+@WxiF*RPCjhSF^l~nO03z zM-u(-DZCwf00e*l5C8%|00;m9AOHk_01)^> z5x5(C5I9@S^VhS2w}bDTd#rB<_jdd>mQ5s6ApGB+WVcQ~zEDC!Wr4u!NZ`Y1@XkBW zp6%Y-e){x>*`2d~9Mv!>niAvjxQJ^whT~B=is7V0h@uh`rDU8;s;Y#EvZkmQE{m#& z$*PPKiWXNBq8!r{OvcD~JVt0lLP?}_%Tfr8h(5-mkMURp!`>&O?_<~ja$w$tKlWc< zfd4uTc6FXSl+HCOu1$^xVmB$Ub=S>E zg%i9m$u`Sz*K!%X%@wQ;x9DLkitmQnJ+{bG{VatySh~wIM@RgOty2|RFCC%W>I_So z%AD><(fpXNvToXKr;h|7$GY8erzPv5W-~Px7i@#4IX@Go%NIMXZdYp2cBe-6Bm$dd z7Sz#chI~CeD0Pd2qgcC%yHd6>3AKro!_%==y3Wn{G(Rh)DYul?T|Q%Zev1pgI`8?R z@>gpd@~V7Uf?iMe$*DZ7S{z&I%7c_GHpwnu6`1yP`5C)I2j z@5K|*1LcStb}I*1P8!wC$#g<1$3ErD=<7oxjDg) zSVoz%8K%*)@I+JQD4A(ZbS9RsXl;@XWs~hPPbdAvoGY|>TBI`kp-Rc)lXTgwMF}!K zt6)6c>@dk8PV$W3W)xNs44z?_5KE-yo$S%P)8Zzp&!1qJ=4{#~GPamaEtE7Z(Yk&@ zxk854Q9XoeMV;rnAthIx%X2P{Zmf<$(w#wPBxTL6k~OE2!Noa)v$;WcQ0yN~yvHhK zaZ?&r^Hm0g4N~*aS?NZR@iS<6&zS33#>L|_@+qxO6}-~B{a(2uc+5&UDowMLK}(?n znKzTAyfadDXUeL?32#t&;-Fz2X#yOT=R;mLjl} zCXz^D5Li5gk!lK0N}5PWq$(@OKlb^m9lnRujxxAVJ6g0;W@?N!sv(#oTJ5)|@dBPG zjcUT{pmtjIPeJWecnUjLJJ~id8+Do_#tShwP5HVi&ALb3P8J_Yy;YUtX`Il3o1Xv2c1Myvyz%g zx&_jX4RIoVcsMQRxl)qWW=gy#_h|P_K`QA}&Ekz7xsaZwcu%qCsyt0;NtWtS$io*& zN$WzBrt9NoK9gb#1zUE8xeO-^nFFP8pv>7`n$kjk;u_Cp(^ONZ>y@aUE5!AM%{r-x zYS&X~>S!QL^C`7X38w|IEK{d)x{kQCJgt$wu|r2KNhnE$A}^ZNPV`{VJaMx5c5l|q zb`A>8fXGvFei9;j4ufRTi_Dy{u(V`Y9kNz+k|j4&q|>y?7A&TZE5=O4YS?^Ki8o>| z>dznka^TK`v;O>p+dH^|DKd z43mied$*1yfAQIbm`2@Nk6(1_#^GFNlJ(xO-P4Ecq(4^|v5a_<7mC~$x?7*lFs`3X ze3A*!)%j28+6hpds$Wci(wRQrtakZ2-7DAIvrc-oYhOQ`s2rhgImcyoQlLp`fVrAo z(dF^jWgL>8DFoLzNO5W^M;{DAiDJpBb@g7`!FpUzi8(YkY8s0cRvtENbyRP4RD$+)6M5!xfyHhz@V;JIe zW*PFPmj29=vM#1(G{rL%rc*rIU^s!{Xqr&k+>~n?1Q8$SwMwmcAYMp6$cjyAMAeBpCtPpXuVbS)MOcp0JxH{21LLI8ZXVc8#V*B@H|PiSy=g1x z?f-ASQD1xGPu}<_{HNgta>4}!fB+Bx0zd!=00AHX1b_e#00KbZr3lnFzV$31C6bDS zNoq2lQpp4+kqUYjwHPLf5*CX~qKNjgH0fm*mo^(4&z=Pcw2S4fJ;!AdLyK2YGL?)) z;~JTaDREVfrJ^yB6q6!azk0b1unj-gSG}zk^mBdHtLE!LJp00;m9AOHkjYXTpNn|B_3>&(37-nn^= zZzlJO_bomh6Pv*T9g6K|FAl{r(VoN{bVp>1!SNO|6$&SAb$p`RhxQlxQ0%#h&Eiuy z>s~&yO<|cCpJ_L%j@XRNGRp^Jv*#8hdHU*^_mF32bFG<8T4V+jwUm%kElOQfxMsFI ztS4Q)K9<{Jb5I-E4gRp04khGf>?l?kEk^lXhqG{2q?w#J9WjeatFed@IM*nP>7!C= zT(q?W(bE-lFjl!d7#s5JY+l;TCU;1c8+AsjDcwT9lA^W4aVXEkvBk7)ej+m)nmV=T z5rlk*r&NY+W{}}h2IDg^bgtD((^Ml%yE;v0@(B+4E4loF>y41xvy{mUIs+3KKxHto znVN(=YZ%UO4KdrERGZ{nB4)PKJenx1$*x$+^fP^_X->}L9_388Q{&=Kf-rKk^;rpF;&vneJ-ogBI^vlAt zr5QFa^h-YOX8YNha9AjHx@igTmL$7YubC%>*lVF*z91%iS@b9H@~I&nEioNYBC7?x zRB7gmMnThN*<2#)R$MM!7mql>3gMQjmTbO#)NZ$%Sf<{$6uV)j(#eylB=`D5rA9LK z1mD6Pbm(4Z^T=`&S;tUi|1`Uhq(h$ljDJEsuAiIinaE_%%}~f>({0nV(8wX1d>oUYm#o2vG?n4w{l)aXFSC#z1+aY7~Ih4y~l_y3ju^7mTL z`#?A#00e*l5C8%|00;m9AOHk_01yBIUrqv^{XcyF|8hQikQxX80U!VbfB+Bx0zd!= z00AHX1im~3y#4<`_&?Xs3oal41b_e#00KY&2mk>f00e*l5C8%|;58$#71&(c3G66v z{{J<5upkZ)00KY&2mk>f00e*l5C8%|00;nqYY4#k|7)Ot7Z3mfKmZ5;0U!VbfB+Bx z0zd!=0D;$xfVcm@75??L@V|!tF8r6_ABTSz-M|F|fB+Bx0zd!=00AHX1b_e#00KY& z2)ud%;jQ3%;h{B@)hDJpRZaZvX7E9HEE_}3I`esJBltKhk5xq-I)-ST`Q8f#55uxL zb_~ssMdv*Ey>;X*YMNmhqGMRYv)FG2g8N~^&%v3W`Vrp#|5o_>YvI2S|5fLKK?fM~K3!cTn zm*Nm84*s?EYeKx#_;%ndHSX>IZ-)OI{r&&&KZpM&{4?Z)3kU!KAOHk_01yBIKmZ5; r0U!VbfB+EqoC$bG0IseFY;Fhd`JNkRp(`r^!D~G6^;<|e;XkN! literal 0 HcmV?d00001 diff --git a/explorer/organizations/fabric-ca/ordererOrg/msp/keystore/37b5497d94171efb139a37abd6cbd1ffd05d03c62d18ecde3bb8fdd72c9ef593_sk b/explorer/organizations/fabric-ca/ordererOrg/msp/keystore/37b5497d94171efb139a37abd6cbd1ffd05d03c62d18ecde3bb8fdd72c9ef593_sk new file mode 100644 index 00000000..03e5b2f8 --- /dev/null +++ b/explorer/organizations/fabric-ca/ordererOrg/msp/keystore/37b5497d94171efb139a37abd6cbd1ffd05d03c62d18ecde3bb8fdd72c9ef593_sk @@ -0,0 +1,5 @@ +-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgrfm8d9NjP4k57TED +m1TKS5x+svz7PMC51iQdKFA8NcqhRANCAASHK0PN5ZnZ4hWIMxuctWkz52Wibj1E +MlRV/9qVzM6o+jgNHpgeyF0bAH2YfG2Rf7FS6/cJtzhSkRSXa2xODrRs +-----END PRIVATE KEY----- diff --git a/explorer/organizations/fabric-ca/ordererOrg/msp/keystore/IssuerRevocationPrivateKey b/explorer/organizations/fabric-ca/ordererOrg/msp/keystore/IssuerRevocationPrivateKey new file mode 100644 index 00000000..f540770a --- /dev/null +++ b/explorer/organizations/fabric-ca/ordererOrg/msp/keystore/IssuerRevocationPrivateKey @@ -0,0 +1,6 @@ +-----BEGIN PRIVATE KEY----- +MIGkAgEBBDA30sQT3qWX3zRahwZMZPnugRPc3tUARpKn+TDYmNk+ZwPkP4odO7ze +XxChSCNkpKmgBwYFK4EEACKhZANiAASYZ3jCiP0AaI2BmSGrpB6NcDaE11DbTjXF +mR7sWOT8rTwLpWE+22lGn8WFeHNb8DBNMGU3daoN4fir/Exj3fCtYKvAMeW26TDQ ++EX4bxaKuIis4aL2ytIO7VFSoIH03Rw= +-----END PRIVATE KEY----- diff --git a/explorer/organizations/fabric-ca/ordererOrg/msp/keystore/IssuerSecretKey b/explorer/organizations/fabric-ca/ordererOrg/msp/keystore/IssuerSecretKey new file mode 100644 index 00000000..d5402dfe --- /dev/null +++ b/explorer/organizations/fabric-ca/ordererOrg/msp/keystore/IssuerSecretKey @@ -0,0 +1 @@ +&[T\k{FEoVACY \ No newline at end of file diff --git a/explorer/organizations/fabric-ca/ordererOrg/msp/keystore/c59dcdd50bd462475768db4694e67082fa64ba211b0bcfb14c9384576452aca4_sk b/explorer/organizations/fabric-ca/ordererOrg/msp/keystore/c59dcdd50bd462475768db4694e67082fa64ba211b0bcfb14c9384576452aca4_sk new file mode 100644 index 00000000..d664db9f --- /dev/null +++ b/explorer/organizations/fabric-ca/ordererOrg/msp/keystore/c59dcdd50bd462475768db4694e67082fa64ba211b0bcfb14c9384576452aca4_sk @@ -0,0 +1,5 @@ +-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg8oP5tbDvxZAgrZHG +PdEd2k98rga+XoANXOiMy3rT8xChRANCAAT1Z9dstXBLigeW5tMH7D4HK68AreQc +XdiFPvSHvRwfpuyzaEoYI2LdIyI3eLQSKVos19Dp1LHqU12XogGc3/0f +-----END PRIVATE KEY----- diff --git a/explorer/organizations/fabric-ca/ordererOrg/tls-cert.pem b/explorer/organizations/fabric-ca/ordererOrg/tls-cert.pem new file mode 100644 index 00000000..7632b0b6 --- /dev/null +++ b/explorer/organizations/fabric-ca/ordererOrg/tls-cert.pem @@ -0,0 +1,15 @@ +-----BEGIN CERTIFICATE----- +MIICaDCCAg6gAwIBAgIUU/ygC8TjnYjgnEukyez4FaqJQLIwCgYIKoZIzj0EAwIw +YjELMAkGA1UEBhMCVVMxETAPBgNVBAgTCE5ldyBZb3JrMREwDwYDVQQHEwhOZXcg +WW9yazEUMBIGA1UEChMLZXhhbXBsZS5jb20xFzAVBgNVBAMTDmNhLmV4YW1wbGUu +Y29tMB4XDTIyMDMxNDAwNDgwMFoXDTIzMDMxNDAwNDgwMFowYDELMAkGA1UEBhMC +VVMxETAPBgNVBAgTCE5ldyBZb3JrMREwDwYDVQQHEwhOZXcgWW9yazEUMBIGA1UE +ChMLZXhhbXBsZS5jb20xFTATBgNVBAMTDDFkMWRhMTBjOTYxZDBZMBMGByqGSM49 +AgEGCCqGSM49AwEHA0IABPVn12y1cEuKB5bm0wfsPgcrrwCt5Bxd2IU+9Ie9HB+m +7LNoShgjYt0jIjd4tBIpWizX0OnUsepTXZeiAZzf/R+jgaMwgaAwDgYDVR0PAQH/ +BAQDAgOoMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E +AjAAMB0GA1UdDgQWBBTQbA/mwCBMzQ+jSw1LsTTldUr2CjAfBgNVHSMEGDAWgBTP +3gHK6gzsEt9uesT9DAVmQvJ9eTAhBgNVHREEGjAYgglsb2NhbGhvc3SCC2V4YW1w +bGUuY29tMAoGCCqGSM49BAMCA0gAMEUCIQCIBB2dYIvIWi226rJfPSLVt5xD855p +K8FdZpt9aUTXZwIgcdsAf2Rt3tqIjnkT0p6A2otth+7XHmiqUYW+sWdsN68= +-----END CERTIFICATE----- diff --git a/explorer/organizations/fabric-ca/org1/IssuerPublicKey b/explorer/organizations/fabric-ca/org1/IssuerPublicKey new file mode 100644 index 00000000..a71f74d5 --- /dev/null +++ b/explorer/organizations/fabric-ca/org1/IssuerPublicKey @@ -0,0 +1,20 @@ + +OU +Role + EnrollmentID +RevocationHandleD + ڪE`#)zyh" =?WhV@JWLM\CN|D + LI{'E1 khĺHV ACiX\-! "Xj,"C"D + [mO9uf[=rOC*..w}8X,A ב 9 o[݊Fwkhª)"D + n,L-kj0v{6bHIW1Ӈ F\k'!94){02"D + DVG!U?uYy +}^yk :]r|_IP8jI"D + Nj~-FO `Y|wu| kO^P6qƶM,; Fo$߅}0O* + $XO(_({m-rz^{k] _ҹ͟8Ko.P bxK!.IK+^ Pp d[" Ϥ~37oPP +L$ka/2D + D[GI + (!gn}Z;o헖: kfjњ)듁t\]d:D + !sg$,l wLBU$# +Y@< SG-|&9alUʊ:@:/ + # TLS configuration for the client connection to the LDAP server + tls: + certfiles: + client: + certfile: + keyfile: + # Attribute related configuration for mapping from LDAP entries to Fabric CA attributes + attribute: + # 'names' is an array of strings containing the LDAP attribute names which are + # requested from the LDAP server for an LDAP identity's entry + names: ['uid','member'] + # The 'converters' section is used to convert an LDAP entry to the value of + # a fabric CA attribute. + # For example, the following converts an LDAP 'uid' attribute + # whose value begins with 'revoker' to a fabric CA attribute + # named "hf.Revoker" with a value of "true" (because the boolean expression + # evaluates to true). + # converters: + # - name: hf.Revoker + # value: attr("uid") =~ "revoker*" + converters: + - name: + value: + # The 'maps' section contains named maps which may be referenced by the 'map' + # function in the 'converters' section to map LDAP responses to arbitrary values. + # For example, assume a user has an LDAP attribute named 'member' which has multiple + # values which are each a distinguished name (i.e. a DN). For simplicity, assume the + # values of the 'member' attribute are 'dn1', 'dn2', and 'dn3'. + # Further assume the following configuration. + # converters: + # - name: hf.Registrar.Roles + # value: map(attr("member"),"groups") + # maps: + # groups: + # - name: dn1 + # value: peer + # - name: dn2 + # value: client + # The value of the user's 'hf.Registrar.Roles' attribute is then computed to be + # "peer,client,dn3". This is because the value of 'attr("member")' is + # "dn1,dn2,dn3", and the call to 'map' with a 2nd argument of + # "group" replaces "dn1" with "peer" and "dn2" with "client". + maps: + groups: + - name: + value: + +############################################################################# +# Affiliations section. Fabric CA server can be bootstrapped with the +# affiliations specified in this section. Affiliations are specified as maps. +# For example: +# businessunit1: +# department1: +# - team1 +# businessunit2: +# - department2 +# - department3 +# +# Affiliations are hierarchical in nature. In the above example, +# department1 (used as businessunit1.department1) is the child of businessunit1. +# team1 (used as businessunit1.department1.team1) is the child of department1. +# department2 (used as businessunit2.department2) and department3 (businessunit2.department3) +# are children of businessunit2. +# Note: Affiliations are case sensitive except for the non-leaf affiliations +# (like businessunit1, department1, businessunit2) that are specified in the configuration file, +# which are always stored in lower case. +############################################################################# +affiliations: + org1: + - department1 + - department2 + org2: + - department1 + +############################################################################# +# Signing section +# +# The "default" subsection is used to sign enrollment certificates; +# the default expiration ("expiry" field) is "8760h", which is 1 year in hours. +# +# The "ca" profile subsection is used to sign intermediate CA certificates; +# the default expiration ("expiry" field) is "43800h" which is 5 years in hours. +# Note that "isca" is true, meaning that it issues a CA certificate. +# A maxpathlen of 0 means that the intermediate CA cannot issue other +# intermediate CA certificates, though it can still issue end entity certificates. +# (See RFC 5280, section 4.2.1.9) +# +# The "tls" profile subsection is used to sign TLS certificate requests; +# the default expiration ("expiry" field) is "8760h", which is 1 year in hours. +############################################################################# +signing: + default: + usage: + - digital signature + expiry: 8760h + profiles: + ca: + usage: + - cert sign + - crl sign + expiry: 43800h + caconstraint: + isca: true + maxpathlen: 0 + tls: + usage: + - signing + - key encipherment + - server auth + - client auth + - key agreement + expiry: 8760h + +########################################################################### +# Certificate Signing Request (CSR) section. +# This controls the creation of the root CA certificate. +# The expiration for the root CA certificate is configured with the +# "ca.expiry" field below, whose default value is "131400h" which is +# 15 years in hours. +# The pathlength field is used to limit CA certificate hierarchy as described +# in section 4.2.1.9 of RFC 5280. +# Examples: +# 1) No pathlength value means no limit is requested. +# 2) pathlength == 1 means a limit of 1 is requested which is the default for +# a root CA. This means the root CA can issue intermediate CA certificates, +# but these intermediate CAs may not in turn issue other CA certificates +# though they can still issue end entity certificates. +# 3) pathlength == 0 means a limit of 0 is requested; +# this is the default for an intermediate CA, which means it can not issue +# CA certificates though it can still issue end entity certificates. +########################################################################### +csr: + cn: ca.org1.example.com + names: + - C: US + ST: "North Carolina" + L: "Durham" + O: org1.example.com + OU: + hosts: + - localhost + - org1.example.com + ca: + expiry: 131400h + pathlength: 1 + +############################################################################# +# BCCSP (BlockChain Crypto Service Provider) section is used to select which +# crypto library implementation to use +############################################################################# +bccsp: + default: SW + sw: + hash: SHA2 + security: 256 + filekeystore: + # The directory used for the software file-based keystore + keystore: msp/keystore + +############################################################################# +# Multi CA section +# +# Each Fabric CA server contains one CA by default. This section is used +# to configure multiple CAs in a single server. +# +# 1) --cacount +# Automatically generate non-default CAs. The names of these +# additional CAs are "ca1", "ca2", ... "caN", where "N" is +# This is particularly useful in a development environment to quickly set up +# multiple CAs. Note that, this config option is not applicable to intermediate CA server +# i.e., Fabric CA server that is started with intermediate.parentserver.url config +# option (-u command line option) +# +# 2) --cafiles +# For each CA config file in the list, generate a separate signing CA. Each CA +# config file in this list MAY contain all of the same elements as are found in +# the server config file except port, debug, and tls sections. +# +# Examples: +# fabric-ca-server start -b admin:adminpw --cacount 2 +# +# fabric-ca-server start -b admin:adminpw --cafiles ca/ca1/fabric-ca-server-config.yaml +# --cafiles ca/ca2/fabric-ca-server-config.yaml +# +############################################################################# + +cacount: + +cafiles: + +############################################################################# +# Intermediate CA section +# +# The relationship between servers and CAs is as follows: +# 1) A single server process may contain or function as one or more CAs. +# This is configured by the "Multi CA section" above. +# 2) Each CA is either a root CA or an intermediate CA. +# 3) Each intermediate CA has a parent CA which is either a root CA or another intermediate CA. +# +# This section pertains to configuration of #2 and #3. +# If the "intermediate.parentserver.url" property is set, +# then this is an intermediate CA with the specified parent +# CA. +# +# parentserver section +# url - The URL of the parent server +# caname - Name of the CA to enroll within the server +# +# enrollment section used to enroll intermediate CA with parent CA +# profile - Name of the signing profile to use in issuing the certificate +# label - Label to use in HSM operations +# +# tls section for secure socket connection +# certfiles - PEM-encoded list of trusted root certificate files +# client: +# certfile - PEM-encoded certificate file for when client authentication +# is enabled on server +# keyfile - PEM-encoded key file for when client authentication +# is enabled on server +############################################################################# +intermediate: + parentserver: + url: + caname: + + enrollment: + hosts: + profile: + label: + + tls: + certfiles: + client: + certfile: + keyfile: diff --git a/explorer/organizations/fabric-ca/org1/fabric-ca-server.db b/explorer/organizations/fabric-ca/org1/fabric-ca-server.db new file mode 100644 index 0000000000000000000000000000000000000000..a16e60713a8cb18297ae19a5d769f0152eb3b14d GIT binary patch literal 69632 zcmeI5UyS2Oe&1WuJw4sr>DAtPCw+@Eu)5h>WG9-LCMi-9H&{%He?(CdC6S{3E(Q($ z6Ge#~HP;r+sDj z590si{r?cx4_13>^yj)HkUJuP2p|Ig4-mNbM=|~I$&=Vm{F!cewrK}5x9ghv%$^?m zo^|zkms16x2?-6bB_Z+fs`tah=dP7#0F}!F^>dP@A3aV??ZDN&8x*!t8TCEU^M zal&4X-C&iNxkDQU9*!R;0(;>PZ0i_~85dl~_V8*lp1pt>No7qC1vSA7IZ!WY3H))Q zs!B3Y+livk{`^v{uCK?VM=$q3xOaGX82j;L19%Q2PB*{qTtc~VdIP-~Eb}N~tY)_U zI5As|?F)3%kgneCx}K}gTv+il?gUO!k=JY%xW*j5$%H1fv=eIfS;ZbFhWhf@9tFPV z4I%dFE01ddxFgdK0^6J&kM-#^^n-}z%pQ(k#lD7DRI^8q_I`8gcMd=KB=+N9f5jqd zWt+-JH}Q*1c0b(Rbf9NDyN9(Wu`PFG*~{s~gMDW4lpj4xzPEe$?BnYyaZ-q5;^g!Gi`xFZ!)MQ8FX>I;BWZw=2m4Ue zuucWZ9l;sqbspHIDqb5b@wq+r&EBi7HL{npe-9zcq>srPI09t4 zn)rOA4`0drHNrX$Y}lqQ%kQWOAiTLiJ@X5_lHbdt59N~k5gWuV@yZ_I(-v15k-`xL~@BJRUMHeD~2p|H803v`0 zAOeWMcS_*pM|bc4;Kk0zPhPtF`>{QJJg&oUK0hM$9})PErh}(Fz1FSQRPBiMR)NJ6rc@>GRf7Up zRg1!G6pB6GYBz(rrfH=?otjn2D1qA`*kp92G&cc=!rv79&DFmW+THk{Y{ma~{7>S48vh^hKl@GxJCr#hfCwN0hyWsh2p|H803v`0AOeU0 zB7g|oMBu&cAH+_VXYU?te-b-ivD?|-K8$S^vbLkU%}Uapz3s#O%_7TPnC6}MUqmT? zFaCc{Zf?p3`5^*`z&9iCwGY>?zj}V~VDH(ppFP{(^uTVGA+mZ}C+%z|OW6iaQMPF^ z1fI=w4Z~mAROhKddps%mwvZ0h%DNy(-OQZ!q;!o6Ij1cZ{f@Nm;{psHVkR$?WH1l`Q5V>r z%rzSFGPec|)+sk&Y8pSF7v@OyC869ihs;!O(mh$phP=||8;X+0gs>x6t%Bcf;!9Bj zt&@m8v?OO%owYFUw0b?G#ZEglx^Iy9GS373B#f*HWVwfxhHnfQ=6hyY?n|M(7I2vd zc!dXHbK@qTxe@XjgjloB8nQACxsxJ^LRe_j*FsBX>zitEtX$DxCYI+8l;af+%!rfd0ZxbXB@O_n)9#5Or8iY~J*mm9HO zrzM5gz1l|93LRNsm3E#3f>0YxU986mOK@{&ick9a+gK~BLn~Z&9Fe`0B!^gpB|-kelk$`$;?Vx!~9|?aV=$5EVV=60@iod)qosjG6l*A zon+E)kNQ=dF|c})TH8)#-0D=DdUZ5zgD=0tHXT(c^RIW_-!S0j=<^fB`G=pLjPw+f zp{OjGGA+xdEh|G4q@FcQgHGcq)27Xg&A?t{8sDwtD3RpY_PONLTB;;vQ+CU;)S|yA zHJoatl}{Uz47=sKDLK}+AUWr<3MHr0H$=}fM#_@!1Nlrb*=BBFG`%?{=LVq=w)3ZA z&H?3I*mznx1tt#jVk)gVV zP2f!0$fk9Q(0}>9PG$e<(+g(}`?@Y~Rr=i-?4-?6^F znQ}zai}5eh*ZDOlpH44KjUA|jIfOGIP3Xw1c``476DcEA7|Au-v&G!Z6qjCUSYE&| zjc7&@P07Ggma%rTzLeL>s?4{S6|FJ6P2aceRHLE_bH)KSCN${!Li18qGe`JFY1FRE z0&z4|q)O1T?Ob=LN=3O{&48hku2PdqyFTodlfn!bp2QZ0Nel*R2HKj(ixqalbL?0H zm8focCCh?tR@e-uY3FQu;lb%em;+Fe!Zyn)^*jc`XjU{8fl|-0p$z9DzhG{{`puvc zPW%0IxyCbPtUqAXT3#}lb+z=3go0~t<}sL{C|#K)Ij*@}w8`957n!vsN!PpqP-Gov z(i`+ERVA8Dm0=ZlR)C{_yVRve4R1B&EBbV;C6DlQk{K@9-h%HpgRmeGjtc^#qK`t! zkw#*lb5wTifEl(L_LE65BMqpE34rv&Od&!5LK zjGbnP45`x=ZKfI0G|3c^q4h2WpEH)7p(zG8>02+s>}fk+J&%!QmM~~5MVq!okx^>h zY^qD)rcLNLlf|dwKEn; zrEZ(*?n$a-mPye#V^Lij$LX$ZQW-N#!}VvAWYP>QJ()^dFvnYNaos%ukjm&LNy9h{ zL3O({X>@Udw%{&UI?I@FC(Sg|CX=~sqC1;J-|}YM_NM-Cd%gXR2AkFX+g{l_fPHj( z+uC~X-`@Mr@B>|l03z^~384LdwEvIx|Iz+G+W*J#jm^RhCP!%hAKLD`eUl@!{~uWq z-OA($?f>7#yb$gG|5eNj(f&W$|Nk!c|6iH;ZodED`FiU;W%tkF2f7e}?}WhDz1{nt zoEo$J>~HU%pI&*}Ym?uOp}gORmTZIJxg}detJ+3}n~k}#KJ+9>muxGj9F6dS{Ek_& zog2zK-@>f*+$bJetu}fckr*3&p(eu_+NlLwVPoY6EmyI~boDmYYr%w?6{mD>KAv!C z*DiE~nO4uYMXZol8??vvW}2$C=ABZjl&lQL)1h84G7D|d4TV`d-pjTK7ht_NBH(0N+6gaW%S8?sch+YZ-53Ca_H%iDkN?o<+B32lS2Ht8F zT2>}2m6}J59L|(8?Jyr57Etj%%Q|7s2lYw5-p{C7xw+)PIL8}fsk`QqjR{6bVJJkW z2vl5U!60NQDc6Q3>g|>iHp9z?@mgx?UbTzIzM*0K!W^2*c2k|{O=@F6k3kFiy4_+u zsqedI9^Do^?{L{tn^!{+s?Zd+ZffNMxtMWAhnG^&P(FL4Wh<*xi$TIpuC<@%TDcxFPB89=Om6*sZ_rlp5E&sa2L<)m_gR?h;8J(D_T|Rn)!9zJ` zXBga@0Rk7euvax7Y zr7pSZA32?sDE6k+kx|U?j)~u`fB5{Md{Da3k=ZF3N5p#0bk9@nEmfw!J5YZfF zv^p0T(6^_Bw$;g1nc5=ES^7*btb~kg6wIr7{;r72-}J+NB5jD2(;k+Z3YT9L$&sE+ z`BUEs>aB9V05Cm0D2~?c9xX_;dK3om@R?L*RA`m2FKt3&XPI%CU6n`*bZ{!Dvh7Mc zqt@YJKS#*J^PVgQ)~|~TxWW4Vs_{Mc3$5?VhVD=L#B$8(E%+~05@1cHTsK=R%g}~C zdvfyTR?BqUshPi`crsVv&JG4%vnq4NI-h5okrh4&l^pAs5>V8ly(;vqyt=~7m6V1L z(P==oGwh7vVX2-adJDsq(vo|sM1#gWIC&uv0tt zc%xF);K@lV5&970~lW zH(hTDjU(KcmAlfo##2f4D6{I1G&l+JrQFfT_voW$Lsf1(DHwhKhyUpxx)1?G01-e0 z5CKF05kLeG0Ym^1Km-s0MBp7J5S{-=-~Zp?7mTWg2p|H803v`0AOeU0B7g`W0*C-2 zfCxYW(f)rd{+C^fCwN0hyWsh2p|H8 z03v`0AOeWMJ4PVd|KE-O{jK-^G77{*U1Ux)1?G01-e05CKF05kLeG0Ym^1 zKm-s0MBwcci0^KH8Xx&1(|+pN3)>?;xV!yXJTTo+*FSanXlMIL+zf2X9?e|cJ9T}q zy?qon?O^71T~nW(MSpMyI_ur8>$&>O^+%_nKa6cZio2T>W~&o7GTQ&&jsMnG{J+Hi zef(d=|7ZNS;{WvRR}iI$2p|H803v`0AOeU0B7g`W0*C-2fCwN0X9VKgpT;h%0_=XU z{aNhdBEa2`wx7hVt^w>k*glHAwgj*pxxTgnaOZp5kM=Jw07U!$cjNzTEB+Vp{}%s` z@qZ0((S-;g0*C-2fCwN0hyWsh2p|H803v`0AOe4_1ipWF=gEV8KX8brmOa*k*${63 zlhO0{ci!MbL_T}lI}Z*valU`&Gz@tmb`*x(i=Bqq?El}5|KV2rzsCPK{)h3ujQ`nR zYXwnehyWsh2p|H803v`0AOeU0B7g`W0*C-2@CE{r3Bc9$fQ?;6ySFLWUShyWsh2p|H803vW}0$+c*cmD^^pC3Hfd-m+N z>-+k6T%X!OhOyHOks)>3qRliznkJbdGPK^M;B&^ZGc?8ECavq)3{9qNi=a%4HV8b6 z>lBS!hE8QO-4t%vbXvEltm*i^MdD=Y37&dFPzfCWg3f+{<4JgfM;GyA^AmY&eoj1| zL>DWFQaQm1swU+m4rs#06_X{2>+u{1+=&B1i3N^Sw{2ZDC#}YET#}`wr8DJLJ~e6- z_?#bdPFpJa9ckUi1sFcWOkOC-U?2jbF0ehBYc%9#ZVei&Q*OZ2G=4xY%#rF#Lb+!S znW^5Sd$N)Zd8N%a6eW)dVMnl91;5?Im!bw*ClP&35SdkHEzCQuUe9Q;(@u@<8zjEW z^FTidBWnU#?qQ|j8v};`XrQYfzlT;>5@;X&BkxXEX3MC67w`>Y^qAmqYLkxD|S zF3h31lmWh}7PpkeHn|*knlvu6(wSSSBR0ZztAJxhvoW`LVJYySa#l2!%!OvIvF@~_ zu&Du!b<9a`(63Y#iDez<^j>D!u*_iqD1?-p3d`K2v1+XCf#wi3F5C7&KRKTG-NtlG z0VYe@7>qz?j}|^F_lND`(yW-6OKOyrqxk0B%@We=$SqD>t>iU*DqohRd{G8e zRBVe61@tM)Ln^HeL2zV?l>)u z_@f3{tgS(J6S*b}A`hCF!`6JOR-NT!!Vn~GP%qC1y(76qH-mbgXD3meL8#;)2MH*u zZLbPFE3dB1m6V3}KGtz*wlnOE4bkgaqPH+yDJ`A7+Edb}pxqKz@L~9zF)Az!aXE|L z3|6ZvZpAJ1%sksL$;L`@Lsu8u^G4naJGCgWGHiYDO>qULtAXOHx1jLADN7jO*&J{M zkja-VvS68(IN(YJL!`PvRpA+n4OXNaNHhOPC{GIOVB8BiDYuaIb$c`{)uxE^vCEq{kVJwg}wwW6kO>Zve2B8qP^QR&T`@V9ns60?i zUU7gRlD*JbdDRqOZxttbgPP^}qf~}XrI=Q@rjoXmGOS8Y>U3s3Y*go4l@>>P(qN>G zWU@NtIA=Z;m_liu$yBGd*6z((%j#M$J93T+c?ZgzidTV>KVpHxW5BV248n~-2qyx; z$pD1;NTOA|!m@24C#6C|Sagy{YM+G#(Ydfyqypb8NCqae*-d0ARN6ADgIuu(!4CKNA+yR&@)HzAv+DD?RjjHpbS*GbGD`I8k z1PjxeOeR5gF{CD}@1%Piy9lgMatf`anOx@v6W=4SvNgA+AP<| literal 0 HcmV?d00001 diff --git a/explorer/organizations/fabric-ca/org1/msp/keystore/68df689393af8f641a514adaff97cd688fd75494544bbccb4ae6aa51c6d9e7dc_sk b/explorer/organizations/fabric-ca/org1/msp/keystore/68df689393af8f641a514adaff97cd688fd75494544bbccb4ae6aa51c6d9e7dc_sk new file mode 100644 index 00000000..7b006afa --- /dev/null +++ b/explorer/organizations/fabric-ca/org1/msp/keystore/68df689393af8f641a514adaff97cd688fd75494544bbccb4ae6aa51c6d9e7dc_sk @@ -0,0 +1,5 @@ +-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgthEPXAsBR+Um9LNx +bdOxgDkUl2JFaOCG9PpTl4qz8KOhRANCAARkqtAurq29hx7M5kDr6iTm+r2Y3mTP +o1n1B48UBklQs+vv95ErvZXurVr1OxLfxRZ89+9LCADSXoWtIcO+B/a4 +-----END PRIVATE KEY----- diff --git a/explorer/organizations/fabric-ca/org1/msp/keystore/823968278fd5d66ab74076163ca3f590206f5516d4818573b89daa5f269726c2_sk b/explorer/organizations/fabric-ca/org1/msp/keystore/823968278fd5d66ab74076163ca3f590206f5516d4818573b89daa5f269726c2_sk new file mode 100644 index 00000000..41b93f46 --- /dev/null +++ b/explorer/organizations/fabric-ca/org1/msp/keystore/823968278fd5d66ab74076163ca3f590206f5516d4818573b89daa5f269726c2_sk @@ -0,0 +1,5 @@ +-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgIf1vqcuLUjk7PVoC +RDfK96GXPyb963q1iWodEiec+GGhRANCAAR57dU5ES72AB4RXlS9OXd1YXWhsudh +QwTX+xAg6td54V+ZEgoxg/sCaDo/io5hSaE34S0BuUgEmb554VatPMPQ +-----END PRIVATE KEY----- diff --git a/explorer/organizations/fabric-ca/org1/msp/keystore/IssuerRevocationPrivateKey b/explorer/organizations/fabric-ca/org1/msp/keystore/IssuerRevocationPrivateKey new file mode 100644 index 00000000..65a282fd --- /dev/null +++ b/explorer/organizations/fabric-ca/org1/msp/keystore/IssuerRevocationPrivateKey @@ -0,0 +1,6 @@ +-----BEGIN PRIVATE KEY----- +MIGkAgEBBDCRElgwMOdaaoHnWg81iP0d1VG8ctr7DuG5L15kv8hIm98jOw9nuScx +gzuoeEqmUcmgBwYFK4EEACKhZANiAATPQVYpHouqjKlG+tIvrXpG2EmX89eWcnIc +8xf3AS5W96HfdFJEH0y5KfYd1b93mZgRGcg29Tc2jHw/ad4NGxL/a96Zdmpm2yIx +qm73m6t/Pa1yWuxbbZg8G1s5sZ6sB8Y= +-----END PRIVATE KEY----- diff --git a/explorer/organizations/fabric-ca/org1/msp/keystore/IssuerSecretKey b/explorer/organizations/fabric-ca/org1/msp/keystore/IssuerSecretKey new file mode 100644 index 00000000..4bd7e300 --- /dev/null +++ b/explorer/organizations/fabric-ca/org1/msp/keystore/IssuerSecretKey @@ -0,0 +1 @@ +؀֕n'.v|HQ C c: \ No newline at end of file diff --git a/explorer/organizations/fabric-ca/org1/tls-cert.pem b/explorer/organizations/fabric-ca/org1/tls-cert.pem new file mode 100644 index 00000000..232a8e49 --- /dev/null +++ b/explorer/organizations/fabric-ca/org1/tls-cert.pem @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE----- +MIICgzCCAiqgAwIBAgIUcUpOmkTyXyAOYAvbdPvhCWuGpBowCgYIKoZIzj0EAwIw +cDELMAkGA1UEBhMCVVMxFzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMQ8wDQYDVQQH +EwZEdXJoYW0xGTAXBgNVBAoTEG9yZzEuZXhhbXBsZS5jb20xHDAaBgNVBAMTE2Nh +Lm9yZzEuZXhhbXBsZS5jb20wHhcNMjIwMzE0MDA0ODAwWhcNMjMwMzE0MDA0ODAw +WjBpMQswCQYDVQQGEwJVUzEXMBUGA1UECBMOTm9ydGggQ2Fyb2xpbmExDzANBgNV +BAcTBkR1cmhhbTEZMBcGA1UEChMQb3JnMS5leGFtcGxlLmNvbTEVMBMGA1UEAxMM +YWUxMzQyNDYxOTVmMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEee3VOREu9gAe +EV5UvTl3dWF1obLnYUME1/sQIOrXeeFfmRIKMYP7Amg6P4qOYUmhN+EtAblIBJm+ +eeFWrTzD0KOBqDCBpTAOBgNVHQ8BAf8EBAMCA6gwHQYDVR0lBBYwFAYIKwYBBQUH +AwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFBoWrOwsjj6NSD9N +jk9RSHIc9zPLMB8GA1UdIwQYMBaAFKh1I+0UzVsQgKRQ26SH8wvlatSMMCYGA1Ud +EQQfMB2CCWxvY2FsaG9zdIIQb3JnMS5leGFtcGxlLmNvbTAKBggqhkjOPQQDAgNH +ADBEAiAYLf5nVlysDOaszT+/06+9mxBhvDjWrwJI1giArbOanwIgInGjCgRBzgAt +ymj++G7Ik4OcBhvxMDdc5PhH7OXLSXE= +-----END CERTIFICATE----- diff --git a/explorer/organizations/fabric-ca/org2/IssuerPublicKey b/explorer/organizations/fabric-ca/org2/IssuerPublicKey new file mode 100644 index 0000000000000000000000000000000000000000..6b40123ac64f42313a0162c6eb8d29ccca318f0f GIT binary patch literal 843 zcmV-R1GM}K0#8*61X6EoWeN;MZgOvIY;9$3bV)=C5K?7!Z)0I}X>V>wVQyq>WfDXR zAmK}3>G6*xObFLRL;dGM`8NaE-BU`oNbqh5hX&tt>OA5UpC}H zYLQ$QJ=5auTp}7{exvjnL<%6tQ@c%kVl^?qw~-BoCc~qcZ1foW%2YcpfZ=t2#PVVi zAQBAWovRgltd?_*1{(!gIh=x$J39~L5tsvsS~F^_1(T%Ln7{D*UcE%$&2)>)T;xb=POYn zL<%5`q32NRKUd)epHDpce?VW)a+7K-s3~I<`!vf`M&)P{Ad*zw5p?3ym9<9o;h3{H z*WLe;1TFdmu+*wxb{x{lEFwe-Afn!)`}8&Z^Ccq#3zNgy6RY9kBPiFM-JB2!sePV# z0TLi^Nb~4tbLW3%8V|78zQP?lGr3LlQgZ~w$j#33R4)f2L<%5K(cILulre->GaD|o zE&Eqs?H>SjMSJJ40bHFDlFo+`AYQ>~D6R?Xd-hKjh2`{(*=lUMRZT)ju>g61ILm&{ zlPZV-3Ls5;f#35&mjAr=HsX<3>-@z0LL%yuNKj~?R^~FXx$hDn_|BG*Yl}gjj+pP7 zTgDlwi`v}7$%Q^(QL&Q^3&>4=8X$E;n!`XFSK|2`Ty#F#Py2ps zzIm0>p@xBsJ&Qd#u z#icq#3Ls1Biz$B8&3)$QRoB<@WCAk_V5z(g&$K-gur+ip080`e?`T_<6rR5Ex_1J9 z5!joR4x-n0N142b4f~cagp!{mLLeYce*Q{Pt(7^PgO7K4QS!~KqyYD0jaK(~_s98e z@PSGoWo7EE@qG|VLw6mA5Cy4z:@:/ + # TLS configuration for the client connection to the LDAP server + tls: + certfiles: + client: + certfile: + keyfile: + # Attribute related configuration for mapping from LDAP entries to Fabric CA attributes + attribute: + # 'names' is an array of strings containing the LDAP attribute names which are + # requested from the LDAP server for an LDAP identity's entry + names: ['uid','member'] + # The 'converters' section is used to convert an LDAP entry to the value of + # a fabric CA attribute. + # For example, the following converts an LDAP 'uid' attribute + # whose value begins with 'revoker' to a fabric CA attribute + # named "hf.Revoker" with a value of "true" (because the boolean expression + # evaluates to true). + # converters: + # - name: hf.Revoker + # value: attr("uid") =~ "revoker*" + converters: + - name: + value: + # The 'maps' section contains named maps which may be referenced by the 'map' + # function in the 'converters' section to map LDAP responses to arbitrary values. + # For example, assume a user has an LDAP attribute named 'member' which has multiple + # values which are each a distinguished name (i.e. a DN). For simplicity, assume the + # values of the 'member' attribute are 'dn1', 'dn2', and 'dn3'. + # Further assume the following configuration. + # converters: + # - name: hf.Registrar.Roles + # value: map(attr("member"),"groups") + # maps: + # groups: + # - name: dn1 + # value: peer + # - name: dn2 + # value: client + # The value of the user's 'hf.Registrar.Roles' attribute is then computed to be + # "peer,client,dn3". This is because the value of 'attr("member")' is + # "dn1,dn2,dn3", and the call to 'map' with a 2nd argument of + # "group" replaces "dn1" with "peer" and "dn2" with "client". + maps: + groups: + - name: + value: + +############################################################################# +# Affiliations section. Fabric CA server can be bootstrapped with the +# affiliations specified in this section. Affiliations are specified as maps. +# For example: +# businessunit1: +# department1: +# - team1 +# businessunit2: +# - department2 +# - department3 +# +# Affiliations are hierarchical in nature. In the above example, +# department1 (used as businessunit1.department1) is the child of businessunit1. +# team1 (used as businessunit1.department1.team1) is the child of department1. +# department2 (used as businessunit2.department2) and department3 (businessunit2.department3) +# are children of businessunit2. +# Note: Affiliations are case sensitive except for the non-leaf affiliations +# (like businessunit1, department1, businessunit2) that are specified in the configuration file, +# which are always stored in lower case. +############################################################################# +affiliations: + org1: + - department1 + - department2 + org2: + - department1 + +############################################################################# +# Signing section +# +# The "default" subsection is used to sign enrollment certificates; +# the default expiration ("expiry" field) is "8760h", which is 1 year in hours. +# +# The "ca" profile subsection is used to sign intermediate CA certificates; +# the default expiration ("expiry" field) is "43800h" which is 5 years in hours. +# Note that "isca" is true, meaning that it issues a CA certificate. +# A maxpathlen of 0 means that the intermediate CA cannot issue other +# intermediate CA certificates, though it can still issue end entity certificates. +# (See RFC 5280, section 4.2.1.9) +# +# The "tls" profile subsection is used to sign TLS certificate requests; +# the default expiration ("expiry" field) is "8760h", which is 1 year in hours. +############################################################################# +signing: + default: + usage: + - digital signature + expiry: 8760h + profiles: + ca: + usage: + - cert sign + - crl sign + expiry: 43800h + caconstraint: + isca: true + maxpathlen: 0 + tls: + usage: + - signing + - key encipherment + - server auth + - client auth + - key agreement + expiry: 8760h + +########################################################################### +# Certificate Signing Request (CSR) section. +# This controls the creation of the root CA certificate. +# The expiration for the root CA certificate is configured with the +# "ca.expiry" field below, whose default value is "131400h" which is +# 15 years in hours. +# The pathlength field is used to limit CA certificate hierarchy as described +# in section 4.2.1.9 of RFC 5280. +# Examples: +# 1) No pathlength value means no limit is requested. +# 2) pathlength == 1 means a limit of 1 is requested which is the default for +# a root CA. This means the root CA can issue intermediate CA certificates, +# but these intermediate CAs may not in turn issue other CA certificates +# though they can still issue end entity certificates. +# 3) pathlength == 0 means a limit of 0 is requested; +# this is the default for an intermediate CA, which means it can not issue +# CA certificates though it can still issue end entity certificates. +########################################################################### +csr: + cn: ca.org2.example.com + names: + - C: UK + ST: "Hampshire" + L: "Hursley" + O: org2.example.com + OU: + hosts: + - localhost + - org2.example.com + ca: + expiry: 131400h + pathlength: 1 + +############################################################################# +# BCCSP (BlockChain Crypto Service Provider) section is used to select which +# crypto library implementation to use +############################################################################# +bccsp: + default: SW + sw: + hash: SHA2 + security: 256 + filekeystore: + # The directory used for the software file-based keystore + keystore: msp/keystore + +############################################################################# +# Multi CA section +# +# Each Fabric CA server contains one CA by default. This section is used +# to configure multiple CAs in a single server. +# +# 1) --cacount +# Automatically generate non-default CAs. The names of these +# additional CAs are "ca1", "ca2", ... "caN", where "N" is +# This is particularly useful in a development environment to quickly set up +# multiple CAs. Note that, this config option is not applicable to intermediate CA server +# i.e., Fabric CA server that is started with intermediate.parentserver.url config +# option (-u command line option) +# +# 2) --cafiles +# For each CA config file in the list, generate a separate signing CA. Each CA +# config file in this list MAY contain all of the same elements as are found in +# the server config file except port, debug, and tls sections. +# +# Examples: +# fabric-ca-server start -b admin:adminpw --cacount 2 +# +# fabric-ca-server start -b admin:adminpw --cafiles ca/ca1/fabric-ca-server-config.yaml +# --cafiles ca/ca2/fabric-ca-server-config.yaml +# +############################################################################# + +cacount: + +cafiles: + +############################################################################# +# Intermediate CA section +# +# The relationship between servers and CAs is as follows: +# 1) A single server process may contain or function as one or more CAs. +# This is configured by the "Multi CA section" above. +# 2) Each CA is either a root CA or an intermediate CA. +# 3) Each intermediate CA has a parent CA which is either a root CA or another intermediate CA. +# +# This section pertains to configuration of #2 and #3. +# If the "intermediate.parentserver.url" property is set, +# then this is an intermediate CA with the specified parent +# CA. +# +# parentserver section +# url - The URL of the parent server +# caname - Name of the CA to enroll within the server +# +# enrollment section used to enroll intermediate CA with parent CA +# profile - Name of the signing profile to use in issuing the certificate +# label - Label to use in HSM operations +# +# tls section for secure socket connection +# certfiles - PEM-encoded list of trusted root certificate files +# client: +# certfile - PEM-encoded certificate file for when client authentication +# is enabled on server +# keyfile - PEM-encoded key file for when client authentication +# is enabled on server +############################################################################# +intermediate: + parentserver: + url: + caname: + + enrollment: + hosts: + profile: + label: + + tls: + certfiles: + client: + certfile: + keyfile: diff --git a/explorer/organizations/fabric-ca/org2/fabric-ca-server.db b/explorer/organizations/fabric-ca/org2/fabric-ca-server.db new file mode 100644 index 0000000000000000000000000000000000000000..790a7986d75b6494f2c852cbf4d3da0fc9825e8a GIT binary patch literal 65536 zcmeI5O>E=XeZZ};#~yRXqseBc&Ynh@-37+g%!s6@uPqi+eu<(aN}@#SYq2o+C5jUD zO^K3&pqNS8Zqc;qsR-Jlm-Y}8P0(YLLk|T4^icHF06p}UYf}^`&=%++eWYYt_SlX$ z^(M1}$B`}aeet~?-}}GE_y7Mr6)|r)MyNFy_Y@}--MGII2yFajD73M$u@8RkgP-H$ z%iv_|_yT+f*3K_G-QRe|eRpr?hZ}p_-`{xa-Mc74@BR+*Yj^&6SKR)7@K5gjV^G;! z+$nqiE-M0tLjsThB=7|wu=B%!vj6mH;F|+SQEfvr#*WppG{rF{hXY$bf4xnYSyEy{ z5=rIR(4+Iwk3x?vJya#jbcQTH#$&OAC!vWkwiNrYKkcc;IHcMGHB=}{p@N*xKM5&Q zr#%>3&f>6ZEDkN*=zF(+HJzp$+KOt}etuA5z4WR z$7fn~c{>gcUhdxC+27v}d}HJTo`Q@M|JSWEDE*)d=sBRy{gAqF4CP74SqzOex^X~P zX|*idQXC63{Fpn2;)ECFIAcqlf+rc0*t)c&W*j%{NvNmH4~_nKVB0-_eR3LcDFCal z4aQ?ba}I~fWa19S9!&ARCvccqk2>Q*yzdl?8;P===?0m@Wz5m?!3$KsA06hWp@$>OY zEAe1^Klj09cR16@vGuFlcg+pntK;+StE#x3#cSo^nL@mfov+>9+5hTS120IwhQsk- z=nX_;a(cG6jwW;(9(uewUz|Mu<+z(E_Vj#jS?|He*$xh(d)xcmS1)V+>8%d2)AM^T z_K=O@OF*XJ=>sz4rp& zSjqCS;mcFSo@l41ch1y&E#d;F%hEeL*C4WW zwuh~)DBd_Cm&|t8Umd)7`)wcT3)Amp>r>PE`I&ifea@eR9`}{rshGb+unxxt=u>CK z@1?TkAo1m^ro;7mottG=Q4>y1Nx4>} zBTtg*GuEcP0zUrQBku*^(T9)Pt!M1XZXVA(dh*EM0Rl1pjli|PyZh)vXFN5&{$xF$ z1ojorrN1gUdAjGgmg`)OPj3C})(dy*?!y;b`+F~QyP&~?v56~s&+4xl-AE9krLw95yx(DKoy_o(09d&zn&_g-GGRjav0ghS;fm9La)CU1z{zPNCvM@?6rHiQyxXxJe0 z3@tIWDD6smu~D4MYE82(ut$5HX8X6gstM;F_Oj%wGF-RKV7&dus(X8Fe#5)>&u+b( z2A0qGo5kJ0?w$3XP382dRdmEjlT1!Xr#YJwifeSqq)eyOxGhH#S*fEFC~YR5WiX4M zn4Dr=@QllbX-%B5GJeJwwqXLTOnG1%6Y#W-$M&y3Iy;ohzLsOWmI6DMg6})VxM%1< zX<*Rg6$v?`PnYvoBsi@dd7^4qOMbp;YyC(tud3l`xfitdlb<1=qiqF$yb=8G;E#hp z4gTb{lk>1bkN_kA2|xmn03-kjKmw2eBmfCO0+0YCa4~_s&4+=L9lNdF&HaGCk+tca z`8!Fs?riSw`g<(5K?#B2|9a)@EWa);5{5zokid--__PbQwmj<0qG51?dI$E@|9BDpXBqL-J1Cap3n7{< zOMIHAfvLJ5iU>SU4?8qXb{8h;@)T+Ea=slC&A-UE~r9NOrxHishmA+NUSVS{BdpbNF`&t&3bmytd;xCIzMM5GQTWvB2gL2_QN`) zunZF^-h$D zSZXsY^A0l4ggYI#l^3V;RQyXCAacj5=xih1?r3ht^)q)U%5>8MQl?v}X-vpP;{!e`)aQ$E6`!`cc^wZ6F7JUZ zqh*Am1}?|*HI1vQLs!^snB3&^}nHo=u<(#p|w)IRIbfg6z2N#2;6{DKH z<`6upw$9lz)#BqkP$lrab}!$pPPJZYqH>t6_RHBa4dVLCr-AU6Ybjh~TJ;`h6FgUBu2^voTN5s`H(u{355)CM{pPtp@H zOXc<1$Sxz}tWcd135gSm@oIsZha(Mpk7D`n-Gqn8Fz z-qo02P}(G?l1i29-D<5Im&48oA)0iI707yzAwQF}VV7bJNE@>2QUnjcR2Pl9c)q7G zWfzQZk_Vc_{LqZIre$62lWu}bXCi22f;Ev=fdG?eK0LDen3?AI(Rf1h8KzCkNw$*D zH5X`}SR5%8JSjJ`yh3r)XgF6IZ~~g3GcM&`F|6}(hPQ`WPoA@@ zAwiKEpwz~+eqn+%>)kmgk@e-M9sqy4)S`LBPn&grEj4LYVjUGn=V>sSmuUov;i_GM z(a>hc?jb@?c7+ZF)>HyVEk;~LAX22sax}dnR$~csjZIGZ`kd~Fc&FylZ^_RwV7&Vt|g-j87H#+Vl6v1r;$QDA8CMmgCy_0G#ZnPi zjv;F%C1xXdqU(-ZBh&28TbX>UuEfHk6IF>LvgfBQvux&w)J@Z#ASzyHt6Y1gMJx0r zPvBCqQI**;qW1HaJI75g@Cz}MOFN7Y=HcFXfw==3=EH}W*%=V_I|KGm1wQ+AN_}9VOz3&BY z-K*dDTMjG`5`Y9C0Z0H6fCL}`NB|Om1Rw!O;I$x7+4}h70EQ-`iKG@+R7Fu*I`|}_ zEus}wlo){%Ei8uVXdF#kbCYOW+WO?-Bo>Rtm6#DtBvNWZ#S%u+-%*aKC_w4*8h8Uf{6eAf9p>- z-fHY@fG>DJ0AurSm~x*hCCW^rsvz+uUs0=?rOEI*!PuS`wK%H6Qj&`wAJ7 zp;*$QTr+9K)RAg1C4-u`^VPgyGf11PDC3!8bdyZj%{#dm6K-oFZ{~`Vh)(k{yE^L+ z>u!m%is4DSnVK36S)8$Ir5_>PbUA`74DBkD_)n|1PfX&!y|?T8$=$Hp;`5O(JqZ}h zcETqTMpHRT#)n2B+KW!=aiL~3Rf=uoo09OxNtpDn$|PQ|7l5A$do7cAAV#94xz=Di zqi#B-HJExfQ$n-4l*)CLoXyq|V4E8r>84y6<(pW#p@bLOOtRWURM3Xw2sTe~Q>T?d zolba=87Fln+}8*oT?# zo^U}fkS>jL(nYvTx_H6`xt_C4^~iIFdd1fUI4&T*=K_79WZ{8iNs|^!4)fLGJZ4ld zX412g*04^sx+AmP%2o&x(dpTI*vQ22I^G_cF3r>JPJ@l1nFv0NP#N%t#EMv?SZt{S z1&{Y~gH*}RS0ZCRFE$nz8`k;@>)(5S>qM~p(ZSNQ?}k;EpO0WcJ;BnqP6P{=5xd3| z&p23_%DaX5SQO`#teB}#jWBnmrr1N2O7vmYVXNfpsi}%C*=+#pe^%bDd&s z){9&DAzFDlJ3xR>p=kN_kA2|xmn03-kjKmw2eByeK{JpX_A{(oaQVL^}p zBmfCO0+0YC00}?>kN_kA2|xmnz-vjs)Bgv8|FZ!;@PGs$0Z0H6fCL}`NB|Om1Rw!O z01|)%Ab~fGz;@vF#%^F&hxY$(*n@@5fdn7{NB|Om1Rw!O01|)%AOT1K5`Y9QAOP+E zFMtArAOT1K5`Y9C0Z0H6fCL}`NB|Om1R#MojDV;A-wyuvM)2Q)KMwv~@Vmi31{d&v z1Rw!O01|)%AOT1K5`Y9C0Z0H6fCM0cnbW3?q3jW#6HxQNx2|xmn03-kjKmw2eBmfCO0+0YC z00}?>#{`0#?*-O&0k-dNeh^sS1i1aq=F`CWJ%FtTn~}gPTL7D0=qoz_x4yJ_uzPj` zz|;TV4*vN@@V|op3U&bg7M#KZ5`Y9C0Z0H6fCL}`NB|Om1Rw!O01|)%eyIe$a(nCP zgWbW{#GmQLP#HTtp#I0a>pNRp5BB_+uWYW;U~6e`kOuq8tqWqj+}NGKDmUio|8EEX z2K@d1;7@}86#Nl5g$E=62|xmn03-kjKmw2eBmfCO0+0YC015nx33w&|=l26{-`RZN X2X3um&+G(jUJ!`g+S&B?6|nyU3D9p) literal 0 HcmV?d00001 diff --git a/explorer/organizations/fabric-ca/org2/msp/keystore/605e9fc837e1cfbbaae5243dfd01cc262fb531e911a26f5e43f1e7e8d78adbb1_sk b/explorer/organizations/fabric-ca/org2/msp/keystore/605e9fc837e1cfbbaae5243dfd01cc262fb531e911a26f5e43f1e7e8d78adbb1_sk new file mode 100644 index 00000000..1fd5be7a --- /dev/null +++ b/explorer/organizations/fabric-ca/org2/msp/keystore/605e9fc837e1cfbbaae5243dfd01cc262fb531e911a26f5e43f1e7e8d78adbb1_sk @@ -0,0 +1,5 @@ +-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgsvEzqdtTd5/xRdR9 +a9R29xPIdwihA0LpAFrtwAtd+9qhRANCAATVzuLbMEY2z+BiYvwsj2OofY9h8WQT +234052JYf6SvzpPGEtCZQ1UsXPN8lNuCZzlia4Lvzeu0MTuYrfgMUyn+ +-----END PRIVATE KEY----- diff --git a/explorer/organizations/fabric-ca/org2/msp/keystore/IssuerRevocationPrivateKey b/explorer/organizations/fabric-ca/org2/msp/keystore/IssuerRevocationPrivateKey new file mode 100644 index 00000000..04b2e429 --- /dev/null +++ b/explorer/organizations/fabric-ca/org2/msp/keystore/IssuerRevocationPrivateKey @@ -0,0 +1,6 @@ +-----BEGIN PRIVATE KEY----- +MIGkAgEBBDBxn9pRW6TnHNEwpRzsXa6D9ZiGAh9iHDBpd8PftITs5NkNrr8SDUsB +L2NcUmBLnuqgBwYFK4EEACKhZANiAARCUfDllvmvqI5S49V35TqZzVSf3BpxIdhd +NhiupfltYP6T6OSOFLbCwKhDCW144HR80trau33TFt0iWi6IAs9zhhcC7cbrthVJ +QaZWssMJtE3Tt6gkw1PVLHXSZaJpuZw= +-----END PRIVATE KEY----- diff --git a/explorer/organizations/fabric-ca/org2/msp/keystore/IssuerSecretKey b/explorer/organizations/fabric-ca/org2/msp/keystore/IssuerSecretKey new file mode 100644 index 00000000..f8d68671 --- /dev/null +++ b/explorer/organizations/fabric-ca/org2/msp/keystore/IssuerSecretKey @@ -0,0 +1 @@ +0[x]|9C4ڨ&IK \ No newline at end of file diff --git a/explorer/organizations/fabric-ca/org2/msp/keystore/df47e6d8568f0c9b32ada1509faa085e17d9f8e8cc2eb14ec4bf6e6e1bc7dd25_sk b/explorer/organizations/fabric-ca/org2/msp/keystore/df47e6d8568f0c9b32ada1509faa085e17d9f8e8cc2eb14ec4bf6e6e1bc7dd25_sk new file mode 100644 index 00000000..dd289560 --- /dev/null +++ b/explorer/organizations/fabric-ca/org2/msp/keystore/df47e6d8568f0c9b32ada1509faa085e17d9f8e8cc2eb14ec4bf6e6e1bc7dd25_sk @@ -0,0 +1,5 @@ +-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgOvda6qtlrbEFNy/o +lgx7G5Cr234/DonwdrtvGCTkg/uhRANCAASxlrYk2PBdeLPLETVAR+bQXJjWRHzG +or5+lakpiX61VCjsA3pNinkWQvShlLcERW5K6AgIfsZLq7wWwS7NcZmw +-----END PRIVATE KEY----- diff --git a/explorer/organizations/fabric-ca/org2/tls-cert.pem b/explorer/organizations/fabric-ca/org2/tls-cert.pem new file mode 100644 index 00000000..69a9f198 --- /dev/null +++ b/explorer/organizations/fabric-ca/org2/tls-cert.pem @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE----- +MIICezCCAiKgAwIBAgIUETB0z6HKDtyEiAsrLSfpNHuM5uQwCgYIKoZIzj0EAwIw +bDELMAkGA1UEBhMCVUsxEjAQBgNVBAgTCUhhbXBzaGlyZTEQMA4GA1UEBxMHSHVy +c2xleTEZMBcGA1UEChMQb3JnMi5leGFtcGxlLmNvbTEcMBoGA1UEAxMTY2Eub3Jn +Mi5leGFtcGxlLmNvbTAeFw0yMjAzMTQwMDQ4MDBaFw0yMzAzMTQwMDQ4MDBaMGUx +CzAJBgNVBAYTAlVLMRIwEAYDVQQIEwlIYW1wc2hpcmUxEDAOBgNVBAcTB0h1cnNs +ZXkxGTAXBgNVBAoTEG9yZzIuZXhhbXBsZS5jb20xFTATBgNVBAMTDGVkMDc0Zjlm +MmUwMjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABNXO4tswRjbP4GJi/CyPY6h9 +j2HxZBPbfjTnYlh/pK/Ok8YS0JlDVSxc83yU24JnOWJrgu/N67QxO5it+AxTKf6j +gagwgaUwDgYDVR0PAQH/BAQDAgOoMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF +BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSZ+rE1cRqUoydSsAU7G7tu86ba +mTAfBgNVHSMEGDAWgBQJ/27kwrfqggkxfHL5Xa5+Qt3b4zAmBgNVHREEHzAdggls +b2NhbGhvc3SCEG9yZzIuZXhhbXBsZS5jb20wCgYIKoZIzj0EAwIDRwAwRAIgVUER +dmo04lpLEVzcbJA1XpQWyudz5HeBl9J9twjF6CACIAGrhfx9STeYoEHaWPK6/6Qv +4sjJ8MP24d3JYPH8kjqX +-----END CERTIFICATE----- diff --git a/explorer/organizations/fabric-ca/registerEnroll.sh b/explorer/organizations/fabric-ca/registerEnroll.sh new file mode 100644 index 00000000..181c270e --- /dev/null +++ b/explorer/organizations/fabric-ca/registerEnroll.sh @@ -0,0 +1,247 @@ +#!/bin/bash + +function createOrg1() { + infoln "Enrolling the CA admin" + mkdir -p organizations/peerOrganizations/org1.example.com/ + + export FABRIC_CA_CLIENT_HOME=${PWD}/organizations/peerOrganizations/org1.example.com/ + + set -x + fabric-ca-client enroll -u https://admin:adminpw@localhost:7054 --caname ca-org1 --tls.certfiles "${PWD}/organizations/fabric-ca/org1/ca-cert.pem" + { set +x; } 2>/dev/null + + echo 'NodeOUs: + Enable: true + ClientOUIdentifier: + Certificate: cacerts/localhost-7054-ca-org1.pem + OrganizationalUnitIdentifier: client + PeerOUIdentifier: + Certificate: cacerts/localhost-7054-ca-org1.pem + OrganizationalUnitIdentifier: peer + AdminOUIdentifier: + Certificate: cacerts/localhost-7054-ca-org1.pem + OrganizationalUnitIdentifier: admin + OrdererOUIdentifier: + Certificate: cacerts/localhost-7054-ca-org1.pem + OrganizationalUnitIdentifier: orderer' > "${PWD}/organizations/peerOrganizations/org1.example.com/msp/config.yaml" + + # Since the CA serves as both the organization CA and TLS CA, copy the org's root cert that was generated by CA startup into the org level ca and tlsca directories + + # Copy org1's CA cert to org1's /msp/tlscacerts directory (for use in the channel MSP definition) + mkdir -p "${PWD}/organizations/peerOrganizations/org1.example.com/msp/tlscacerts" + cp "${PWD}/organizations/fabric-ca/org1/ca-cert.pem" "${PWD}/organizations/peerOrganizations/org1.example.com/msp/tlscacerts/ca.crt" + + # Copy org1's CA cert to org1's /tlsca directory (for use by clients) + mkdir -p "${PWD}/organizations/peerOrganizations/org1.example.com/tlsca" + cp "${PWD}/organizations/fabric-ca/org1/ca-cert.pem" "${PWD}/organizations/peerOrganizations/org1.example.com/tlsca/tlsca.org1.example.com-cert.pem" + + # Copy org1's CA cert to org1's /ca directory (for use by clients) + mkdir -p "${PWD}/organizations/peerOrganizations/org1.example.com/ca" + cp "${PWD}/organizations/fabric-ca/org1/ca-cert.pem" "${PWD}/organizations/peerOrganizations/org1.example.com/ca/ca.org1.example.com-cert.pem" + + infoln "Registering peer0" + set -x + fabric-ca-client register --caname ca-org1 --id.name peer0 --id.secret peer0pw --id.type peer --tls.certfiles "${PWD}/organizations/fabric-ca/org1/ca-cert.pem" + { set +x; } 2>/dev/null + + infoln "Registering user" + set -x + fabric-ca-client register --caname ca-org1 --id.name user1 --id.secret user1pw --id.type client --tls.certfiles "${PWD}/organizations/fabric-ca/org1/ca-cert.pem" + { set +x; } 2>/dev/null + + infoln "Registering the org admin" + set -x + fabric-ca-client register --caname ca-org1 --id.name org1admin --id.secret org1adminpw --id.type admin --tls.certfiles "${PWD}/organizations/fabric-ca/org1/ca-cert.pem" + { set +x; } 2>/dev/null + + infoln "Generating the peer0 msp" + set -x + fabric-ca-client enroll -u https://peer0:peer0pw@localhost:7054 --caname ca-org1 -M "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp" --csr.hosts peer0.org1.example.com --tls.certfiles "${PWD}/organizations/fabric-ca/org1/ca-cert.pem" + { set +x; } 2>/dev/null + + cp "${PWD}/organizations/peerOrganizations/org1.example.com/msp/config.yaml" "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp/config.yaml" + + infoln "Generating the peer0-tls certificates" + set -x + fabric-ca-client enroll -u https://peer0:peer0pw@localhost:7054 --caname ca-org1 -M "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls" --enrollment.profile tls --csr.hosts peer0.org1.example.com --csr.hosts localhost --tls.certfiles "${PWD}/organizations/fabric-ca/org1/ca-cert.pem" + { set +x; } 2>/dev/null + + # Copy the tls CA cert, server cert, server keystore to well known file names in the peer's tls directory that are referenced by peer startup config + cp "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/tlscacerts/"* "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt" + cp "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/signcerts/"* "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt" + cp "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/keystore/"* "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key" + + infoln "Generating the user msp" + set -x + fabric-ca-client enroll -u https://user1:user1pw@localhost:7054 --caname ca-org1 -M "${PWD}/organizations/peerOrganizations/org1.example.com/users/User1@org1.example.com/msp" --tls.certfiles "${PWD}/organizations/fabric-ca/org1/ca-cert.pem" + { set +x; } 2>/dev/null + + cp "${PWD}/organizations/peerOrganizations/org1.example.com/msp/config.yaml" "${PWD}/organizations/peerOrganizations/org1.example.com/users/User1@org1.example.com/msp/config.yaml" + + infoln "Generating the org admin msp" + set -x + fabric-ca-client enroll -u https://org1admin:org1adminpw@localhost:7054 --caname ca-org1 -M "${PWD}/organizations/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp" --tls.certfiles "${PWD}/organizations/fabric-ca/org1/ca-cert.pem" + { set +x; } 2>/dev/null + + cp "${PWD}/organizations/peerOrganizations/org1.example.com/msp/config.yaml" "${PWD}/organizations/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp/config.yaml" +} + +function createOrg2() { + infoln "Enrolling the CA admin" + mkdir -p organizations/peerOrganizations/org2.example.com/ + + export FABRIC_CA_CLIENT_HOME=${PWD}/organizations/peerOrganizations/org2.example.com/ + + set -x + fabric-ca-client enroll -u https://admin:adminpw@localhost:8054 --caname ca-org2 --tls.certfiles "${PWD}/organizations/fabric-ca/org2/ca-cert.pem" + { set +x; } 2>/dev/null + + echo 'NodeOUs: + Enable: true + ClientOUIdentifier: + Certificate: cacerts/localhost-8054-ca-org2.pem + OrganizationalUnitIdentifier: client + PeerOUIdentifier: + Certificate: cacerts/localhost-8054-ca-org2.pem + OrganizationalUnitIdentifier: peer + AdminOUIdentifier: + Certificate: cacerts/localhost-8054-ca-org2.pem + OrganizationalUnitIdentifier: admin + OrdererOUIdentifier: + Certificate: cacerts/localhost-8054-ca-org2.pem + OrganizationalUnitIdentifier: orderer' > "${PWD}/organizations/peerOrganizations/org2.example.com/msp/config.yaml" + + # Since the CA serves as both the organization CA and TLS CA, copy the org's root cert that was generated by CA startup into the org level ca and tlsca directories + + # Copy org2's CA cert to org2's /msp/tlscacerts directory (for use in the channel MSP definition) + mkdir -p "${PWD}/organizations/peerOrganizations/org2.example.com/msp/tlscacerts" + cp "${PWD}/organizations/fabric-ca/org2/ca-cert.pem" "${PWD}/organizations/peerOrganizations/org2.example.com/msp/tlscacerts/ca.crt" + + # Copy org2's CA cert to org2's /tlsca directory (for use by clients) + mkdir -p "${PWD}/organizations/peerOrganizations/org2.example.com/tlsca" + cp "${PWD}/organizations/fabric-ca/org2/ca-cert.pem" "${PWD}/organizations/peerOrganizations/org2.example.com/tlsca/tlsca.org2.example.com-cert.pem" + + # Copy org2's CA cert to org2's /ca directory (for use by clients) + mkdir -p "${PWD}/organizations/peerOrganizations/org2.example.com/ca" + cp "${PWD}/organizations/fabric-ca/org2/ca-cert.pem" "${PWD}/organizations/peerOrganizations/org2.example.com/ca/ca.org2.example.com-cert.pem" + + infoln "Registering peer0" + set -x + fabric-ca-client register --caname ca-org2 --id.name peer0 --id.secret peer0pw --id.type peer --tls.certfiles "${PWD}/organizations/fabric-ca/org2/ca-cert.pem" + { set +x; } 2>/dev/null + + infoln "Registering user" + set -x + fabric-ca-client register --caname ca-org2 --id.name user1 --id.secret user1pw --id.type client --tls.certfiles "${PWD}/organizations/fabric-ca/org2/ca-cert.pem" + { set +x; } 2>/dev/null + + infoln "Registering the org admin" + set -x + fabric-ca-client register --caname ca-org2 --id.name org2admin --id.secret org2adminpw --id.type admin --tls.certfiles "${PWD}/organizations/fabric-ca/org2/ca-cert.pem" + { set +x; } 2>/dev/null + + infoln "Generating the peer0 msp" + set -x + fabric-ca-client enroll -u https://peer0:peer0pw@localhost:8054 --caname ca-org2 -M "${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp" --csr.hosts peer0.org2.example.com --tls.certfiles "${PWD}/organizations/fabric-ca/org2/ca-cert.pem" + { set +x; } 2>/dev/null + + cp "${PWD}/organizations/peerOrganizations/org2.example.com/msp/config.yaml" "${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp/config.yaml" + + infoln "Generating the peer0-tls certificates" + set -x + fabric-ca-client enroll -u https://peer0:peer0pw@localhost:8054 --caname ca-org2 -M "${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls" --enrollment.profile tls --csr.hosts peer0.org2.example.com --csr.hosts localhost --tls.certfiles "${PWD}/organizations/fabric-ca/org2/ca-cert.pem" + { set +x; } 2>/dev/null + + # Copy the tls CA cert, server cert, server keystore to well known file names in the peer's tls directory that are referenced by peer startup config + cp "${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/tlscacerts/"* "${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt" + cp "${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/signcerts/"* "${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.crt" + cp "${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/keystore/"* "${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.key" + + infoln "Generating the user msp" + set -x + fabric-ca-client enroll -u https://user1:user1pw@localhost:8054 --caname ca-org2 -M "${PWD}/organizations/peerOrganizations/org2.example.com/users/User1@org2.example.com/msp" --tls.certfiles "${PWD}/organizations/fabric-ca/org2/ca-cert.pem" + { set +x; } 2>/dev/null + + cp "${PWD}/organizations/peerOrganizations/org2.example.com/msp/config.yaml" "${PWD}/organizations/peerOrganizations/org2.example.com/users/User1@org2.example.com/msp/config.yaml" + + infoln "Generating the org admin msp" + set -x + fabric-ca-client enroll -u https://org2admin:org2adminpw@localhost:8054 --caname ca-org2 -M "${PWD}/organizations/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp" --tls.certfiles "${PWD}/organizations/fabric-ca/org2/ca-cert.pem" + { set +x; } 2>/dev/null + + cp "${PWD}/organizations/peerOrganizations/org2.example.com/msp/config.yaml" "${PWD}/organizations/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp/config.yaml" +} + +function createOrderer() { + infoln "Enrolling the CA admin" + mkdir -p organizations/ordererOrganizations/example.com + + export FABRIC_CA_CLIENT_HOME=${PWD}/organizations/ordererOrganizations/example.com + + set -x + fabric-ca-client enroll -u https://admin:adminpw@localhost:9054 --caname ca-orderer --tls.certfiles "${PWD}/organizations/fabric-ca/ordererOrg/ca-cert.pem" + { set +x; } 2>/dev/null + + echo 'NodeOUs: + Enable: true + ClientOUIdentifier: + Certificate: cacerts/localhost-9054-ca-orderer.pem + OrganizationalUnitIdentifier: client + PeerOUIdentifier: + Certificate: cacerts/localhost-9054-ca-orderer.pem + OrganizationalUnitIdentifier: peer + AdminOUIdentifier: + Certificate: cacerts/localhost-9054-ca-orderer.pem + OrganizationalUnitIdentifier: admin + OrdererOUIdentifier: + Certificate: cacerts/localhost-9054-ca-orderer.pem + OrganizationalUnitIdentifier: orderer' > "${PWD}/organizations/ordererOrganizations/example.com/msp/config.yaml" + + # Since the CA serves as both the organization CA and TLS CA, copy the org's root cert that was generated by CA startup into the org level ca and tlsca directories + + # Copy orderer org's CA cert to orderer org's /msp/tlscacerts directory (for use in the channel MSP definition) + mkdir -p "${PWD}/organizations/ordererOrganizations/example.com/msp/tlscacerts" + cp "${PWD}/organizations/fabric-ca/ordererOrg/ca-cert.pem" "${PWD}/organizations/ordererOrganizations/example.com/msp/tlscacerts/tlsca.example.com-cert.pem" + + # Copy orderer org's CA cert to orderer org's /tlsca directory (for use by clients) + mkdir -p "${PWD}/organizations/ordererOrganizations/example.com/tlsca" + cp "${PWD}/organizations/fabric-ca/ordererOrg/ca-cert.pem" "${PWD}/organizations/ordererOrganizations/example.com/tlsca/tlsca.example.com-cert.pem" + + infoln "Registering orderer" + set -x + fabric-ca-client register --caname ca-orderer --id.name orderer --id.secret ordererpw --id.type orderer --tls.certfiles "${PWD}/organizations/fabric-ca/ordererOrg/ca-cert.pem" + { set +x; } 2>/dev/null + + infoln "Registering the orderer admin" + set -x + fabric-ca-client register --caname ca-orderer --id.name ordererAdmin --id.secret ordererAdminpw --id.type admin --tls.certfiles "${PWD}/organizations/fabric-ca/ordererOrg/ca-cert.pem" + { set +x; } 2>/dev/null + + infoln "Generating the orderer msp" + set -x + fabric-ca-client enroll -u https://orderer:ordererpw@localhost:9054 --caname ca-orderer -M "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp" --csr.hosts orderer.example.com --csr.hosts localhost --tls.certfiles "${PWD}/organizations/fabric-ca/ordererOrg/ca-cert.pem" + { set +x; } 2>/dev/null + + cp "${PWD}/organizations/ordererOrganizations/example.com/msp/config.yaml" "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/config.yaml" + + infoln "Generating the orderer-tls certificates" + set -x + fabric-ca-client enroll -u https://orderer:ordererpw@localhost:9054 --caname ca-orderer -M "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls" --enrollment.profile tls --csr.hosts orderer.example.com --csr.hosts localhost --tls.certfiles "${PWD}/organizations/fabric-ca/ordererOrg/ca-cert.pem" + { set +x; } 2>/dev/null + + # Copy the tls CA cert, server cert, server keystore to well known file names in the orderer's tls directory that are referenced by orderer startup config + cp "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/tlscacerts/"* "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/ca.crt" + cp "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/signcerts/"* "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt" + cp "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/keystore/"* "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.key" + + # Copy orderer org's CA cert to orderer's /msp/tlscacerts directory (for use in the orderer MSP definition) + mkdir -p "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts" + cp "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/tlscacerts/"* "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem" + + infoln "Generating the admin msp" + set -x + fabric-ca-client enroll -u https://ordererAdmin:ordererAdminpw@localhost:9054 --caname ca-orderer -M "${PWD}/organizations/ordererOrganizations/example.com/users/Admin@example.com/msp" --tls.certfiles "${PWD}/organizations/fabric-ca/ordererOrg/ca-cert.pem" + { set +x; } 2>/dev/null + + cp "${PWD}/organizations/ordererOrganizations/example.com/msp/config.yaml" "${PWD}/organizations/ordererOrganizations/example.com/users/Admin@example.com/msp/config.yaml" +} diff --git a/explorer/organizations/ordererOrganizations/example.com/fabric-ca-client-config.yaml b/explorer/organizations/ordererOrganizations/example.com/fabric-ca-client-config.yaml new file mode 100644 index 00000000..5fcf2c5e --- /dev/null +++ b/explorer/organizations/ordererOrganizations/example.com/fabric-ca-client-config.yaml @@ -0,0 +1,168 @@ + +############################################################################# +# This is a configuration file for the fabric-ca-client command. +# +# COMMAND LINE ARGUMENTS AND ENVIRONMENT VARIABLES +# ------------------------------------------------ +# Each configuration element can be overridden via command line +# arguments or environment variables. The precedence for determining +# the value of each element is as follows: +# 1) command line argument +# Examples: +# a) --url https://localhost:7054 +# To set the fabric-ca server url +# b) --tls.client.certfile certfile.pem +# To set the client certificate for TLS +# 2) environment variable +# Examples: +# a) FABRIC_CA_CLIENT_URL=https://localhost:7054 +# To set the fabric-ca server url +# b) FABRIC_CA_CLIENT_TLS_CLIENT_CERTFILE=certfile.pem +# To set the client certificate for TLS +# 3) configuration file +# 4) default value (if there is one) +# All default values are shown beside each element below. +# +# FILE NAME ELEMENTS +# ------------------ +# The value of all fields whose name ends with "file" or "files" are +# name or names of other files. +# For example, see "tls.certfiles" and "tls.client.certfile". +# The value of each of these fields can be a simple filename, a +# relative path, or an absolute path. If the value is not an +# absolute path, it is interpreted as being relative to the location +# of this configuration file. +# +############################################################################# + +############################################################################# +# Client Configuration +############################################################################# + +# URL of the Fabric-ca-server (default: http://localhost:7054) +url: https://localhost:9054 + +# Membership Service Provider (MSP) directory +# This is useful when the client is used to enroll a peer or orderer, so +# that the enrollment artifacts are stored in the format expected by MSP. +mspdir: msp + +############################################################################# +# TLS section for secure socket connection +# +# certfiles - PEM-encoded list of trusted root certificate files +# client: +# certfile - PEM-encoded certificate file for when client authentication +# is enabled on server +# keyfile - PEM-encoded key file for when client authentication +# is enabled on server +############################################################################# +tls: + # TLS section for secure socket connection + certfiles: + client: + certfile: + keyfile: + +############################################################################# +# Certificate Signing Request section for generating the CSR for an +# enrollment certificate (ECert) +# +# cn - Used by CAs to determine which domain the certificate is to be generated for +# +# keyrequest - Properties to use when generating a private key. +# algo - key generation algorithm to use +# size - size of key to generate +# reusekey - reuse existing key during reenrollment +# +# serialnumber - The serialnumber field, if specified, becomes part of the issued +# certificate's DN (Distinguished Name). For example, one use case for this is +# a company with its own CA (Certificate Authority) which issues certificates +# to its employees and wants to include the employee's serial number in the DN +# of its issued certificates. +# WARNING: The serialnumber field should not be confused with the certificate's +# serial number which is set by the CA but is not a component of the +# certificate's DN. +# +# names - A list of name objects. Each name object should contain at least one +# "C", "L", "O", or "ST" value (or any combination of these) where these +# are abbreviations for the following: +# "C": country +# "L": locality or municipality (such as city or town name) +# "O": organization +# "OU": organizational unit, such as the department responsible for owning the key; +# it can also be used for a "Doing Business As" (DBS) name +# "ST": the state or province +# +# Note that the "OU" or organizational units of an ECert are always set according +# to the values of the identities type and affiliation. OUs are calculated for an enroll +# as OU=, OU=, ..., OU=. For example, an identity +# of type "client" with an affiliation of "org1.dept2.team3" would have the following +# organizational units: OU=client, OU=org1, OU=dept2, OU=team3 +# +# hosts - A list of host names for which the certificate should be valid +# +############################################################################# +csr: + cn: admin + keyrequest: + algo: ecdsa + size: 256 + reusekey: false + serialnumber: + names: + - C: US + ST: North Carolina + L: + O: Hyperledger + OU: Fabric + hosts: + - aerat + +############################################################################# +# Registration section used to register a new identity with fabric-ca server +# +# name - Unique name of the identity +# type - Type of identity being registered (e.g. 'peer, app, user') +# affiliation - The identity's affiliation +# maxenrollments - The maximum number of times the secret can be reused to enroll. +# Specially, -1 means unlimited; 0 means to use CA's max enrollment +# value. +# attributes - List of name/value pairs of attribute for identity +############################################################################# +id: + name: + type: + affiliation: + maxenrollments: 0 + attributes: + # - name: + # value: + +############################################################################# +# Enrollment section used to enroll an identity with fabric-ca server +# +# profile - Name of the signing profile to use in issuing the certificate +# label - Label to use in HSM operations +############################################################################# +enrollment: + profile: + label: + +############################################################################# +# Name of the CA to connect to within the fabric-ca server +############################################################################# +caname: + +############################################################################# +# BCCSP (BlockChain Crypto Service Provider) section allows to select which +# crypto implementation library to use +############################################################################# +bccsp: + default: SW + sw: + hash: SHA2 + security: 256 + filekeystore: + # The directory used for the software file-based keystore + keystore: msp/keystore diff --git a/explorer/organizations/ordererOrganizations/example.com/msp/IssuerPublicKey b/explorer/organizations/ordererOrganizations/example.com/msp/IssuerPublicKey new file mode 100644 index 0000000000000000000000000000000000000000..3c198c5e88fa3b77aa66ac0076c39dd6a40d7d00 GIT binary patch literal 843 zcmV-R1GM}K0#8*61X6EoWeN;MZgOvIY;9$3bV)=C5K?7!Z)0I}X>V>wVQyq>WfDXR zAdK$_^y=R`IS!r`WtQmIa^geI(`did&&lj3n(F={OcEf6A9;PweH1%Q%3m~}Guh4? zx)osbdFmPD4`~u&MtM1?7u0s?#|KVQnUuwf`L`aatf9bAg!bLG5V7uCQqL;k=siG zj%6jbq#qfxg0`iyO`e`Rzam5mAlE*W`-uS7<_+cZbofw${s)@x)* z`w}3870hE)ynu(;d-<0UE(d>0;D9wSokrs8if~|p19JZ&L<%6i-Npx;^A0^8l>7_HtSc!YdpAuSa zIx2_(3Lu1AttZkFt#Dn)P|UkWIcrOIq%in=G=eagAlD5T++Y$QOLhMDQ#vs9jJ#Ip zO3314KGX-Qen>dBSE#cLDGDHd>{P8K-`L0Q8D`~^A z#b6{Y+LL0LwAD`Hut?hd*OKz{5+JFwg%mMPy6-Z+tirLu^J4gYKJoa!)v4PAlhE?k zWsW*T3Ls9de`wlWN(S7pr>;t8$bH!C(a1!|u1h9$qv$x(3q%qiXr${kN~Pp*r|!x0 z!%;+_)JKJsu-m|TqHi~u`-S3?LLeELAeHAl=MD067v;@Q^C{b7rM&TXpix|D@(Jcr zcveavX@EVx7}fC-7(@6WmaV>wVQyq>WfDXR zAdK$_^y=R`IS!r`WtQmIa^geI(`did&&lj3n(F={OcEf6A9;PweH1%Q%3m~}Guh4? zx)osbdFmPD4`~u&MtM1?7u0s?#|KVQnUuwf`L`aatf9bAg!bLG5V7uCQqL;k=siG zj%6jbq#qfxg0`iyO`e`Rzam5mAlE*W`-uS7<_+cZbofw${s)@x)* z`w}3870hE)ynu(;d-<0UE(d>0;D9wSokrs8if~|p19JZ&L<%6i-Npx;^A0^8l>7_HtSc!YdpAuSa zIx2_(3Lu1AttZkFt#Dn)P|UkWIcrOIq%in=G=eagAlD5T++Y$QOLhMDQ#vs9jJ#Ip zO3314KGX-Qen>dBSE#cLDGDHd>{P8K-`L0Q8D`~^A z#b6{Y+LL0LwAD`Hut?hd*OKz{5+JFwg%mMPy6-Z+tirLu^J4gYKJoa!)v4PAlhE?k zWsW*T3Ls9de`wlWN(S7pr>;t8$bH!C(a1!|u1h9$qv$x(3q%qiXr${kN~Pp*r|!x0 z!%;+_)JKJsu-m|TqHi~u`-S3?LLeELAeHAl=MD067v;@Q^C{b7rM&TXpix|D@(Jcr zcveavX@EVx7}fC-7(@6WmaV>wVQyq>WfDXR zAdK$_^y=R`IS!r`WtQmIa^geI(`did&&lj3n(F={OcEf6A9;PweH1%Q%3m~}Guh4? zx)osbdFmPD4`~u&MtM1?7u0s?#|KVQnUuwf`L`aatf9bAg!bLG5V7uCQqL;k=siG zj%6jbq#qfxg0`iyO`e`Rzam5mAlE*W`-uS7<_+cZbofw${s)@x)* z`w}3870hE)ynu(;d-<0UE(d>0;D9wSokrs8if~|p19JZ&L<%6i-Npx;^A0^8l>7_HtSc!YdpAuSa zIx2_(3Lu1AttZkFt#Dn)P|UkWIcrOIq%in=G=eagAlD5T++Y$QOLhMDQ#vs9jJ#Ip zO3314KGX-Qen>dBSE#cLDGDHd>{P8K-`L0Q8D`~^A z#b6{Y+LL0LwAD`Hut?hd*OKz{5+JFwg%mMPy6-Z+tirLu^J4gYKJoa!)v4PAlhE?k zWsW*T3Ls9de`wlWN(S7pr>;t8$bH!C(a1!|u1h9$qv$x(3q%qiXr${kN~Pp*r|!x0 z!%;+_)JKJsu-m|TqHi~u`-S3?LLeELAeHAl=MD067v;@Q^C{b7rM&TXpix|D@(Jcr zcveavX@EVx7}fC-7(@6WmaV>wVQyq>WfDXR zAdK$_^y=R`IS!r`WtQmIa^geI(`did&&lj3n(F={OcEf6A9;PweH1%Q%3m~}Guh4? zx)osbdFmPD4`~u&MtM1?7u0s?#|KVQnUuwf`L`aatf9bAg!bLG5V7uCQqL;k=siG zj%6jbq#qfxg0`iyO`e`Rzam5mAlE*W`-uS7<_+cZbofw${s)@x)* z`w}3870hE)ynu(;d-<0UE(d>0;D9wSokrs8if~|p19JZ&L<%6i-Npx;^A0^8l>7_HtSc!YdpAuSa zIx2_(3Lu1AttZkFt#Dn)P|UkWIcrOIq%in=G=eagAlD5T++Y$QOLhMDQ#vs9jJ#Ip zO3314KGX-Qen>dBSE#cLDGDHd>{P8K-`L0Q8D`~^A z#b6{Y+LL0LwAD`Hut?hd*OKz{5+JFwg%mMPy6-Z+tirLu^J4gYKJoa!)v4PAlhE?k zWsW*T3Ls9de`wlWN(S7pr>;t8$bH!C(a1!|u1h9$qv$x(3q%qiXr${kN~Pp*r|!x0 z!%;+_)JKJsu-m|TqHi~u`-S3?LLeELAeHAl=MD067v;@Q^C{b7rM&TXpix|D@(Jcr zcveavX@EVx7}fC-7(@6Wma, OU=, ..., OU=. For example, an identity +# of type "client" with an affiliation of "org1.dept2.team3" would have the following +# organizational units: OU=client, OU=org1, OU=dept2, OU=team3 +# +# hosts - A list of host names for which the certificate should be valid +# +############################################################################# +csr: + cn: admin + keyrequest: + algo: ecdsa + size: 256 + reusekey: false + serialnumber: + names: + - C: US + ST: North Carolina + L: + O: Hyperledger + OU: Fabric + hosts: + - aerat + +############################################################################# +# Registration section used to register a new identity with fabric-ca server +# +# name - Unique name of the identity +# type - Type of identity being registered (e.g. 'peer, app, user') +# affiliation - The identity's affiliation +# maxenrollments - The maximum number of times the secret can be reused to enroll. +# Specially, -1 means unlimited; 0 means to use CA's max enrollment +# value. +# attributes - List of name/value pairs of attribute for identity +############################################################################# +id: + name: + type: + affiliation: + maxenrollments: 0 + attributes: + # - name: + # value: + +############################################################################# +# Enrollment section used to enroll an identity with fabric-ca server +# +# profile - Name of the signing profile to use in issuing the certificate +# label - Label to use in HSM operations +############################################################################# +enrollment: + profile: + label: + +############################################################################# +# Name of the CA to connect to within the fabric-ca server +############################################################################# +caname: + +############################################################################# +# BCCSP (BlockChain Crypto Service Provider) section allows to select which +# crypto implementation library to use +############################################################################# +bccsp: + default: SW + sw: + hash: SHA2 + security: 256 + filekeystore: + # The directory used for the software file-based keystore + keystore: msp/keystore diff --git a/explorer/organizations/peerOrganizations/org1.example.com/msp/IssuerPublicKey b/explorer/organizations/peerOrganizations/org1.example.com/msp/IssuerPublicKey new file mode 100644 index 00000000..a71f74d5 --- /dev/null +++ b/explorer/organizations/peerOrganizations/org1.example.com/msp/IssuerPublicKey @@ -0,0 +1,20 @@ + +OU +Role + EnrollmentID +RevocationHandleD + ڪE`#)zyh" =?WhV@JWLM\CN|D + LI{'E1 khĺHV ACiX\-! "Xj,"C"D + [mO9uf[=rOC*..w}8X,A ב 9 o[݊Fwkhª)"D + n,L-kj0v{6bHIW1Ӈ F\k'!94){02"D + DVG!U?uYy +}^yk :]r|_IP8jI"D + Nj~-FO `Y|wu| kO^P6qƶM,; Fo$߅}0O* + $XO(_({m-rz^{k] _ҹ͟8Ko.P bxK!.IK+^ Pp d[" Ϥ~37oPP +L$ka/2D + D[GI + (!gn}Z;o헖: kfjњ)듁t\]d:D + !sg$,l wLBU$# +Y@< SG-|&9alUʊlUʊlUʊlUʊlUʊ, OU=, ..., OU=. For example, an identity +# of type "client" with an affiliation of "org1.dept2.team3" would have the following +# organizational units: OU=client, OU=org1, OU=dept2, OU=team3 +# +# hosts - A list of host names for which the certificate should be valid +# +############################################################################# +csr: + cn: admin + keyrequest: + algo: ecdsa + size: 256 + reusekey: false + serialnumber: + names: + - C: US + ST: North Carolina + L: + O: Hyperledger + OU: Fabric + hosts: + - aerat + +############################################################################# +# Registration section used to register a new identity with fabric-ca server +# +# name - Unique name of the identity +# type - Type of identity being registered (e.g. 'peer, app, user') +# affiliation - The identity's affiliation +# maxenrollments - The maximum number of times the secret can be reused to enroll. +# Specially, -1 means unlimited; 0 means to use CA's max enrollment +# value. +# attributes - List of name/value pairs of attribute for identity +############################################################################# +id: + name: + type: + affiliation: + maxenrollments: 0 + attributes: + # - name: + # value: + +############################################################################# +# Enrollment section used to enroll an identity with fabric-ca server +# +# profile - Name of the signing profile to use in issuing the certificate +# label - Label to use in HSM operations +############################################################################# +enrollment: + profile: + label: + +############################################################################# +# Name of the CA to connect to within the fabric-ca server +############################################################################# +caname: + +############################################################################# +# BCCSP (BlockChain Crypto Service Provider) section allows to select which +# crypto implementation library to use +############################################################################# +bccsp: + default: SW + sw: + hash: SHA2 + security: 256 + filekeystore: + # The directory used for the software file-based keystore + keystore: msp/keystore diff --git a/explorer/organizations/peerOrganizations/org2.example.com/msp/IssuerPublicKey b/explorer/organizations/peerOrganizations/org2.example.com/msp/IssuerPublicKey new file mode 100644 index 0000000000000000000000000000000000000000..6b40123ac64f42313a0162c6eb8d29ccca318f0f GIT binary patch literal 843 zcmV-R1GM}K0#8*61X6EoWeN;MZgOvIY;9$3bV)=C5K?7!Z)0I}X>V>wVQyq>WfDXR zAmK}3>G6*xObFLRL;dGM`8NaE-BU`oNbqh5hX&tt>OA5UpC}H zYLQ$QJ=5auTp}7{exvjnL<%6tQ@c%kVl^?qw~-BoCc~qcZ1foW%2YcpfZ=t2#PVVi zAQBAWovRgltd?_*1{(!gIh=x$J39~L5tsvsS~F^_1(T%Ln7{D*UcE%$&2)>)T;xb=POYn zL<%5`q32NRKUd)epHDpce?VW)a+7K-s3~I<`!vf`M&)P{Ad*zw5p?3ym9<9o;h3{H z*WLe;1TFdmu+*wxb{x{lEFwe-Afn!)`}8&Z^Ccq#3zNgy6RY9kBPiFM-JB2!sePV# z0TLi^Nb~4tbLW3%8V|78zQP?lGr3LlQgZ~w$j#33R4)f2L<%5K(cILulre->GaD|o zE&Eqs?H>SjMSJJ40bHFDlFo+`AYQ>~D6R?Xd-hKjh2`{(*=lUMRZT)ju>g61ILm&{ zlPZV-3Ls5;f#35&mjAr=HsX<3>-@z0LL%yuNKj~?R^~FXx$hDn_|BG*Yl}gjj+pP7 zTgDlwi`v}7$%Q^(QL&Q^3&>4=8X$E;n!`XFSK|2`Ty#F#Py2ps zzIm0>p@xBsJ&Qd#u z#icq#3Ls1Biz$B8&3)$QRoB<@WCAk_V5z(g&$K-gur+ip080`e?`T_<6rR5Ex_1J9 z5!joR4x-n0N142b4f~cagp!{mLLeYce*Q{Pt(7^PgO7K4QS!~KqyYD0jaK(~_s98e z@PSGoWo7EE@qG|VLw6mA5Cy4zV>wVQyq>WfDXR zAmK}3>G6*xObFLRL;dGM`8NaE-BU`oNbqh5hX&tt>OA5UpC}H zYLQ$QJ=5auTp}7{exvjnL<%6tQ@c%kVl^?qw~-BoCc~qcZ1foW%2YcpfZ=t2#PVVi zAQBAWovRgltd?_*1{(!gIh=x$J39~L5tsvsS~F^_1(T%Ln7{D*UcE%$&2)>)T;xb=POYn zL<%5`q32NRKUd)epHDpce?VW)a+7K-s3~I<`!vf`M&)P{Ad*zw5p?3ym9<9o;h3{H z*WLe;1TFdmu+*wxb{x{lEFwe-Afn!)`}8&Z^Ccq#3zNgy6RY9kBPiFM-JB2!sePV# z0TLi^Nb~4tbLW3%8V|78zQP?lGr3LlQgZ~w$j#33R4)f2L<%5K(cILulre->GaD|o zE&Eqs?H>SjMSJJ40bHFDlFo+`AYQ>~D6R?Xd-hKjh2`{(*=lUMRZT)ju>g61ILm&{ zlPZV-3Ls5;f#35&mjAr=HsX<3>-@z0LL%yuNKj~?R^~FXx$hDn_|BG*Yl}gjj+pP7 zTgDlwi`v}7$%Q^(QL&Q^3&>4=8X$E;n!`XFSK|2`Ty#F#Py2ps zzIm0>p@xBsJ&Qd#u z#icq#3Ls1Biz$B8&3)$QRoB<@WCAk_V5z(g&$K-gur+ip080`e?`T_<6rR5Ex_1J9 z5!joR4x-n0N142b4f~cagp!{mLLeYce*Q{Pt(7^PgO7K4QS!~KqyYD0jaK(~_s98e z@PSGoWo7EE@qG|VLw6mA5Cy4zV>wVQyq>WfDXR zAmK}3>G6*xObFLRL;dGM`8NaE-BU`oNbqh5hX&tt>OA5UpC}H zYLQ$QJ=5auTp}7{exvjnL<%6tQ@c%kVl^?qw~-BoCc~qcZ1foW%2YcpfZ=t2#PVVi zAQBAWovRgltd?_*1{(!gIh=x$J39~L5tsvsS~F^_1(T%Ln7{D*UcE%$&2)>)T;xb=POYn zL<%5`q32NRKUd)epHDpce?VW)a+7K-s3~I<`!vf`M&)P{Ad*zw5p?3ym9<9o;h3{H z*WLe;1TFdmu+*wxb{x{lEFwe-Afn!)`}8&Z^Ccq#3zNgy6RY9kBPiFM-JB2!sePV# z0TLi^Nb~4tbLW3%8V|78zQP?lGr3LlQgZ~w$j#33R4)f2L<%5K(cILulre->GaD|o zE&Eqs?H>SjMSJJ40bHFDlFo+`AYQ>~D6R?Xd-hKjh2`{(*=lUMRZT)ju>g61ILm&{ zlPZV-3Ls5;f#35&mjAr=HsX<3>-@z0LL%yuNKj~?R^~FXx$hDn_|BG*Yl}gjj+pP7 zTgDlwi`v}7$%Q^(QL&Q^3&>4=8X$E;n!`XFSK|2`Ty#F#Py2ps zzIm0>p@xBsJ&Qd#u z#icq#3Ls1Biz$B8&3)$QRoB<@WCAk_V5z(g&$K-gur+ip080`e?`T_<6rR5Ex_1J9 z5!joR4x-n0N142b4f~cagp!{mLLeYce*Q{Pt(7^PgO7K4QS!~KqyYD0jaK(~_s98e z@PSGoWo7EE@qG|VLw6mA5Cy4zV>wVQyq>WfDXR zAmK}3>G6*xObFLRL;dGM`8NaE-BU`oNbqh5hX&tt>OA5UpC}H zYLQ$QJ=5auTp}7{exvjnL<%6tQ@c%kVl^?qw~-BoCc~qcZ1foW%2YcpfZ=t2#PVVi zAQBAWovRgltd?_*1{(!gIh=x$J39~L5tsvsS~F^_1(T%Ln7{D*UcE%$&2)>)T;xb=POYn zL<%5`q32NRKUd)epHDpce?VW)a+7K-s3~I<`!vf`M&)P{Ad*zw5p?3ym9<9o;h3{H z*WLe;1TFdmu+*wxb{x{lEFwe-Afn!)`}8&Z^Ccq#3zNgy6RY9kBPiFM-JB2!sePV# z0TLi^Nb~4tbLW3%8V|78zQP?lGr3LlQgZ~w$j#33R4)f2L<%5K(cILulre->GaD|o zE&Eqs?H>SjMSJJ40bHFDlFo+`AYQ>~D6R?Xd-hKjh2`{(*=lUMRZT)ju>g61ILm&{ zlPZV-3Ls5;f#35&mjAr=HsX<3>-@z0LL%yuNKj~?R^~FXx$hDn_|BG*Yl}gjj+pP7 zTgDlwi`v}7$%Q^(QL&Q^3&>4=8X$E;n!`XFSK|2`Ty#F#Py2ps zzIm0>p@xBsJ&Qd#u z#icq#3Ls1Biz$B8&3)$QRoB<@WCAk_V5z(g&$K-gur+ip080`e?`T_<6rR5Ex_1J9 z5!joR4x-n0N142b4f~cagp!{mLLeYce*Q{Pt(7^PgO7K4QS!~KqyYD0jaK(~_s98e z@PSGoWo7EE@qG|VLw6mA5Cy4zV>wVQyq>WfDXR zAmK}3>G6*xObFLRL;dGM`8NaE-BU`oNbqh5hX&tt>OA5UpC}H zYLQ$QJ=5auTp}7{exvjnL<%6tQ@c%kVl^?qw~-BoCc~qcZ1foW%2YcpfZ=t2#PVVi zAQBAWovRgltd?_*1{(!gIh=x$J39~L5tsvsS~F^_1(T%Ln7{D*UcE%$&2)>)T;xb=POYn zL<%5`q32NRKUd)epHDpce?VW)a+7K-s3~I<`!vf`M&)P{Ad*zw5p?3ym9<9o;h3{H z*WLe;1TFdmu+*wxb{x{lEFwe-Afn!)`}8&Z^Ccq#3zNgy6RY9kBPiFM-JB2!sePV# z0TLi^Nb~4tbLW3%8V|78zQP?lGr3LlQgZ~w$j#33R4)f2L<%5K(cILulre->GaD|o zE&Eqs?H>SjMSJJ40bHFDlFo+`AYQ>~D6R?Xd-hKjh2`{(*=lUMRZT)ju>g61ILm&{ zlPZV-3Ls5;f#35&mjAr=HsX<3>-@z0LL%yuNKj~?R^~FXx$hDn_|BG*Yl}gjj+pP7 zTgDlwi`v}7$%Q^(QL&Q^3&>4=8X$E;n!`XFSK|2`Ty#F#Py2ps zzIm0>p@xBsJ&Qd#u z#icq#3Ls1Biz$B8&3)$QRoB<@WCAk_V5z(g&$K-gur+ip080`e?`T_<6rR5Ex_1J9 z5!joR4x-n0N142b4f~cagp!{mLLeYce*Q{Pt(7^PgO7K4QS!~KqyYD0jaK(~_s98e z@PSGoWo7EE@qG|VLw6mA5Cy4z { + //create asset + fss.add_fabric({ ID: "asset40", Color: "Red", Size: 100, AppraisedValue: 500, Owner: "GK" }) + .then((r1) => { + console.log("Created asset:" + r1) + fss.add_fabric({ ID: "asset41", Color: "Blue", Size: 10, AppraisedValue: 100, Owner: "Appu" }) + .then((r2) => { + console.log("Created asset:" + r2) + fss.add_fabric({ ID: "asset42", Color: "Blue", Size: 10, AppraisedValue: 100, Owner: "Appu" }) + .then((r3) => { + console.log("Created asset:" + r3) + fss.change_owner("asset40", "Appu") + }).then(() => { + fss.change_owner("asset41", "Devu") + }).then(() => { + fss.change_owner("asset42", "Malu") + }) + }) + }) +}) \ No newline at end of file