Steps include: revoking a user, generating a CRL,
updating the CRL in the configuration block of the
channel, and finally querying the chaincode using
the revoked user credentials. The query will fail as
it is invoked by a revoked user.
Change-Id: I3b0f26d9b5a78475b6f42543b0e17458e9ce2a73
Signed-off-by: Anil Ambati <aambati@us.ibm.com>
When a CA starts, it creates its signing cert and then
starts listening on its listening port. The fix is to
wait for the server to start listening on the port rather
than waiting for the signing cert file to be created.
See the waitPort function in env.sh, and places where this
is called. I also had to increase the max time we wait before
failing.
WARNING: This change set is dependent upon the following
fabric-ca change set and should not be merged until it
has been merged:
https://gerrit.hyperledger.org/r/#/c/15089/
Change-Id: I781e3653bf6846e22f401fe64855fa155ffeb7cb
Signed-off-by: Keith Smith <bksmith@us.ibm.com>
This sample uses fabric-ca to run an end-to-end test similar
to the BYFN sample. However, instead of using cryptogen, it
uses fabric-ca. All private keys are generated dynamically in
the container in which they are used.
This sample also demonstrates how to use abac
(Attribute-Based Access Control) to make access decisions.
See chaincode/abac/abac.go.
Change-Id: I5eddc9e35908e409ac07266c3183ce89a5a6cd82
Signed-off-by: Keith Smith <bksmith@us.ibm.com>
