epistemophiliac/fabric-samples
1
0
Fork 0
mirror of https://github.com/hyperledger/fabric-samples.git synced 2026-06-21 09:05:10 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: resolve malformed serial number in certificate renewal #1181

Browse source 
Signed-off-by: SurbhiAgarwal1 <agarwalsurbhi1807@gmail.com>
This commit is contained in:
SurbhiAgarwal1 2026-04-19 16:13:25 +05:30
parent bf7e75c6c1
commit c5f953ba88
54 changed files with 135 additions and 53 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
test-network/compose/podman/podman-compose-test-net.yaml
View file

@ -11,4 +11,3 @@ services:
peer0.org2.example.com: peer0.org2.example.com:
volumes: volumes:
- ./podman/peercfg:/etc/hyperledger/peercfg - ./podman/peercfg:/etc/hyperledger/peercfg

1
test-network/network.config
View file

@ -55,4 +55,3 @@ CC_INVOKE_CONSTRUCTOR=''{\"Args\":[\"InitLedger\"]}''
# Default constructor for testing a chaincode query (-cciq) # Default constructor for testing a chaincode query (-cciq)
CC_QUERY_CONSTRUCTOR=''{\"Args\":[\"GetAllAssets\"]}'' CC_QUERY_CONSTRUCTOR=''{\"Args\":[\"GetAllAssets\"]}''

3
test-network/network.sh
View file

@ -678,6 +678,9 @@ elif [ "$MODE" == "cc" ] && [ "$SUBCOMMAND" == "invoke" ]; then
invokeChaincode invokeChaincode
elif [ "$MODE" == "cc" ] && [ "$SUBCOMMAND" == "query" ]; then elif [ "$MODE" == "cc" ] && [ "$SUBCOMMAND" == "query" ]; then
queryChaincode queryChaincode
elif [ "$MODE" == "renew" ]; then
infoln "Renewing certificates"
./scripts/renewCerts.sh
else else
printHelp printHelp
exit 1 exit 1

73
test-network/scripts/renewCerts.sh Normal file
View file

@ -0,0 +1,73 @@
#!/bin/bash
#
# Copyright IBM Corp All Rights Reserved
#
# SPDX-License-Identifier: Apache-2.0
#
# This script is used to renew certificates in the test network.
# It re-enrolls the identities using the Fabric CA.
. scripts/utils.sh
function renewOrg1() {
infoln "Renewing Org1 certificates"
export FABRIC_CA_CLIENT_HOME=${PWD}/organizations/peerOrganizations/org1.example.com/
# Remove existing MSP and TLS - this is important to avoid 'malformed serial number'
# and other parsing errors when fabric-ca-client tries to use old certs for auth.
rm -rf "${FABRIC_CA_CLIENT_HOME}/msp"
rm -rf "${FABRIC_CA_CLIENT_HOME}/tls"
rm -rf "${FABRIC_CA_CLIENT_HOME}/ca"
rm -rf "${FABRIC_CA_CLIENT_HOME}/tlsca"
rm -rf "${FABRIC_CA_CLIENT_HOME}/peers"
rm -rf "${FABRIC_CA_CLIENT_HOME}/users"
# Re-enroll everything
. organizations/fabric-ca/registerEnroll.sh
createOrg1
}
function renewOrg2() {
infoln "Renewing Org2 certificates"
export FABRIC_CA_CLIENT_HOME=${PWD}/organizations/peerOrganizations/org2.example.com/
rm -rf "${FABRIC_CA_CLIENT_HOME}/msp"
rm -rf "${FABRIC_CA_CLIENT_HOME}/tls"
rm -rf "${FABRIC_CA_CLIENT_HOME}/ca"
rm -rf "${FABRIC_CA_CLIENT_HOME}/tlsca"
rm -rf "${FABRIC_CA_CLIENT_HOME}/peers"
rm -rf "${FABRIC_CA_CLIENT_HOME}/users"
. organizations/fabric-ca/registerEnroll.sh
createOrg2
}
function renewOrderer() {
infoln "Renewing Orderer certificates"
export FABRIC_CA_CLIENT_HOME=${PWD}/organizations/ordererOrganizations/example.com
rm -rf "${FABRIC_CA_CLIENT_HOME}/msp"
rm -rf "${FABRIC_CA_CLIENT_HOME}/tls"
rm -rf "${FABRIC_CA_CLIENT_HOME}/ca"
rm -rf "${FABRIC_CA_CLIENT_HOME}/tlsca"
rm -rf "${FABRIC_CA_CLIENT_HOME}/orderers"
rm -rf "${FABRIC_CA_CLIENT_HOME}/users"
. organizations/fabric-ca/registerEnroll.sh
createOrderer
}
# Check if CAs are running
if [ $(docker ps -q --filter name=ca_org1 --filter status=running | wc -l) -eq 0 ]; then
fatalln "Fabric CAs must be running to renew certificates. Please run './network.sh up -ca' first."
fi
renewOrg1
renewOrg2
renewOrderer
infoln "Certificates renewed successfully. You may need to restart your network nodes (peer/orderer) to pick up the new certificates."

8
test-network/scripts/utils.sh
View file

@ -143,8 +143,15 @@ function printHelp() {
println " network.sh cc invoke -c channel1 -ccic '{\"Args\":[\"CreateAsset\",\"asset1\",\"red\",\"10\",\"fred\",\"500\"]}'" println " network.sh cc invoke -c channel1 -ccic '{\"Args\":[\"CreateAsset\",\"asset1\",\"red\",\"10\",\"fred\",\"500\"]}'"
println " network.sh cc query -c channel1 -ccqc '{\"Args\":[\"ReadAsset\",\"asset1\"]}'" println " network.sh cc query -c channel1 -ccqc '{\"Args\":[\"ReadAsset\",\"asset1\"]}'"
println println
println
println " NOTE: Default settings can be changed in network.config" println " NOTE: Default settings can be changed in network.config"
println println
elif [ "$USAGE" == "renew" ]; then
println "Usage: "
println " network.sh \033[0;32mrenew\033[0m"
println
println " Example:"
println " network.sh renew"
else else
println "Usage: " println "Usage: "
println " network.sh <Mode> [Flags]" println " network.sh <Mode> [Flags]"
@ -156,6 +163,7 @@ function printHelp() {
println " \033[0;32mdeployCC\033[0m - Deploy a chaincode to a channel (defaults to asset-transfer-basic)" println " \033[0;32mdeployCC\033[0m - Deploy a chaincode to a channel (defaults to asset-transfer-basic)"
println " \033[0;32mcc\033[0m - chaincode functions, use \"network.sh cc -h\" for options" println " \033[0;32mcc\033[0m - chaincode functions, use \"network.sh cc -h\" for options"
println " \033[0;32mdown\033[0m - Bring down the network" println " \033[0;32mdown\033[0m - Bring down the network"
println " \033[0;32mrenew\033[0m - Renew certificates for the network"
println println
println " Flags:" println " Flags:"
println " Used with \033[0;32mnetwork.sh prereq\033[0m" println " Used with \033[0;32mnetwork.sh prereq\033[0m"