CODEWITHSUNDEEP
hyperledger-fabrichyperledger
Katiyman
Katiyman

Reputation: 846

Unable to start the peer in hyperledger fabric, first network sample using custom cryptographic material

I am following the below link to run the first network sample using the custom crypto graphic material.

First network sample using custom crypto grapic material

As explained in the link i have generated all the certificates from the CA and placed the content in the required folders I generated all the channel artifacts as well. now when i run the below command for starting the containers i get errors

CHANNEL_NAME=$CHANNEL_NAME docker-compose -f docker-compose-cli.yaml up -d

Except the CLI container none of the other containers are coming up

Error in Orderer

2017-11-10 07:11:47.211 UTC [msp] getPemMaterialFromDir -> WARN 001 Failed reading file /var/hyperledger/orderer/msp/signcerts/signer.crt: no pem content for file /var/hyperledger/orderer/msp/signcerts/signer.crt

Error in all peers

2017-11-10 07:11:47.134 UTC [main] main -> ERRO 001 Cannot run peer because error when setting up MSP from directory /etc/hyperledger/fabric/msp: KeyMaterial not found in SigningIdentityInfo

Content of signer.crt for orderer issue

-----BEGIN CERTIFICATE----- MIIC0TCCAbmgAwIBAgIPAV+a2M5AtqiPiJ/UbeTPMA0GCSqGSIb3DQEBCwUAMDAxCzAJBgNVBAYTAlBMMQ4wDAYDVQQKEwVOb2tpYTERMA8GA1UEAxMIUkVTVCBDQTEwHhcNMTcxMTA4MDgyNzAwWhcNMTgwNzMxMTI1ODM1WjCBoDELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FsYWJhbWExEDAOBgNVBAcTB1Bob2VuaXgxITAfBgNVBAoTGEFkdmFuY2VkIEV4cGxvcmF0aW9uIEluYzEcMBoGA1UECxMTVEVTVCBCbG9ja2NoYWluIEh1YjEsMCoGA1UEAxMjdGVzdC1ibG9ja2NoYWluSHViLW9yZGVyZXIuYWV4cC5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARQ0kKTAjB+Pfm2qTPj5AyRw8SU8CO431RdnmGFwfLRUYF+p6UsklNVEQbv6uGRKOLmPVHd3bY4+WWhf1mlmJHqo0IwQDAfBgNVHSMEGDAWgBQ4wDFZQdWAiTTvmhvctnjg96t3NzAdBgNVHQ4EFgQUAKrKE+neX8czESLhG0O2H2e+7TEwDQYJKoZIhvcNAQELBQADggEBAETkTpTapY6Pe4gECBMZAW9gbnSnofR+eKBc24u6Zpk3KiGhfbU3msKiZ5YbXhUkFdy9e1YnIArSayrSanbLO1psGx0zI0SEICfFJ0iPaZYVNV34XzX66+nlsOEq7WrhxHwhqlrV5lFqCj5imwC7ETRTErYl/+qblGfnETRoIEQMPwWHmKB6OcdltaoJxWH6scLMEfvFUTRCoVDnMGDB3ez/8RscDtij8/ARXAJRPmJICts0nQhXQoiVBqaolfTPe2PGC8YWoNoRxXp9mvYz2bg7vM4uq6Epd7wTrNTgugsqiaONwtYdJt+z9BBGjdeKZREfj93aB1LyY41wftpjKl4=MIIC0TCCAbmgAwIBAgIPAV+a2M5AtqiPiJ/UbeTPMA0GCSqGSIb3DQEBCwUAMDAxCzAJBgNVBAYTAlBMMQ4wDAYDVQQKEwVOb2tpYTERMA8GA1UEAxMIUkVTVCBDQTEwHhcNMTcxMTA4MDgyNzAwWhcNMTgwNzMxMTI1ODM1WjCBoDELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FsYWJhbWExEDAOBgNVBAcTB1Bob2VuaXgxITAfBgNVBAoTGEFkdmFuY2VkIEV4cGxvcmF0aW9uIEluYzEcMBoGA1UECxMTVEVTVCBCbG9ja2NoYWluIEh1YjEsMCoGA1UEAxMjdGVzdC1ibG9ja2NoYWluSHViLW9yZGVyZXIuYWV4cC5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARQ0kKTAjB+Pfm2qTPj5AyRw8SU8CO431RdnmGFwfLRUYF+p6UsklNVEQbv6uGRKOLmPVHd3bY4+WWhf1mlmJHqo0IwQDAfBgNVHSMEGDAWgBQ4wDFZQdWAiTTvmhvctnjg96t3NzAdBgNVHQ4EFgQUAKrKE+neX8czESLhG0O2H2e+7TEwDQYJKoZIhvcNAQELBQADggEBAETkTpTapY6Pe4gECBMZAW9gbnSnofR+eKBc24u6Zpk3KiGhfbU3msKiZ5YbXhUkFdy9e1YnIArSayrSanbLO1psGx0zI0SEICfFJ0iPaZYVNV34XzX66+nlsOEq7WrhxHwhqlrV5lFqCj5imwC7ETRTErYl/+qblGfnETRoIEQMPwWHmKB6OcdltaoJxWH6scLMEfvFUTRCoVDnMGDB3ez/8RscDtij8/ARXAJRPmJICts0nQhXQoiVBqaolfTPe2PGC8YWoNoRxXp9mvYz2bg7vM4uq6Epd7wTrNTgugsqiaONwtYdJt+z9BBGjdeKZREfj93aB1LyY41wftpjKl4= -----END CERTIFICATE-----

signer.key file content

-----BEGIN EC PARAMETERS-----
BggqhkjOPQMBBw==
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEILa+xgvh9fAIkymEX4ohTlCIMxcZ6jO5KQxD9BZ7LpuWoAoGCCqGSM49
AwEHoUQDQgAEUNJCkwIwfj35tqkz4+QMkcPElPAjuN9UXZ5hhcHy0VGBfqelLJJT
VREG7+rhkSji5j1R3d22OPlloX9ZpZiR6g==
-----END EC PRIVATE KEY-----

Docker compose base yaml file docker-compose-base.yaml

Kindly help

Upvotes: 1

Views: 1683

Answers (2)

Gari Singh
Gari Singh

Reputation: 12053

The error for all the peers is caused by the format of your private key. The Fabric components do not support private keys which include the EC Params. So you can either delete the 

-----BEGIN EC PARAMETERS-----
BggqhkjOPQMBBw==
-----END EC PARAMETERS-----

stanza from your signer.key files or regenerate them using

openssl ecparam -name prime256v1 -genkey -noout -out signer.key

Upvotes: 1

Keith Smith
Keith Smith

Reputation: 296

The following header and footer lines of a PEM file must be on a line by themselves, so you need to add newline characters appropriately:

-----BEGIN CERTIFICATE-----
xxxxxxxxxxxxxxx
-----END CERTIFICATE-----

You should also verify that the certificate format is valid by using openssl to display the certificate as follows:

openssl x509 -in <filename> -text -noout

Upvotes: 1

Related Questions