icordoba
Reputation: 1899
Access denied wher trying discovery service in Hyperledger Fabric
I am trying to use Discovery service
# discover --configFile conf.yaml --peerTLSCA ./crypto-config/peerOrganizations/ha-dev/users/User1\@ha-dev/tls/ca.crt --userKey ./crypto-config/peerOrganizations/ha-dev/users/User1\@ha-dev/msp/keystore/key.pem --userCert ./crypto-config/peerOrganizations/ha-dev/users/User1\@ha-dev/msp/tlscacerts/tlsca.ha-dev-cert.pem --MSP HAMSP saveConfig
2020-01-29 21:41:17.051 UTC [bccsp] initBCCSP -> DEBU 001 Initialize BCCSP [SW]
Then I perform the discovery command:
# discover --configFile conf.yaml peers --channel mrrc --server blockchain-hapeer1:30110
2020-01-29 21:41:26.442 UTC [bccsp] initBCCSP -> DEBU 001 Initialize BCCSP [SW]
2020-01-29 21:41:26.980 UTC [grpc] DialContext -> DEBU 002 parsed scheme: ""
2020-01-29 21:41:26.980 UTC [grpc] DialContext -> DEBU 003 scheme "" not registered, fallback to default scheme
2020-01-29 21:41:26.981 UTC [grpc] watcher -> DEBU 004 ccResolverWrapper: sending new addresses to cc: [{blockchain-hapeer1:30110 0 <nil>}]
2020-01-29 21:41:26.981 UTC [grpc] switchBalancer -> DEBU 005 ClientConn switching balancer to "pick_first"
2020-01-29 21:41:26.981 UTC [grpc] HandleSubConnStateChange -> DEBU 006 pickfirstBalancer: HandleSubConnStateChange: 0xc0003262a0, CONNECTING
2020-01-29 21:41:26.985 UTC [grpc] HandleSubConnStateChange -> DEBU 007 pickfirstBalancer: HandleSubConnStateChange: 0xc0003262a0, READY
access denied
I see this errors in peer:
2020-01-29 22:17:46.311 UTC [cauthdsl] deduplicate -> ERRO 043 Principal deserialization failure (the supplied identity is not valid: x509: certificate signed by unknown authority) for identity 0
2020-01-29 22:17:46.311 UTC [discovery] processQuery -> WARN 044 got query for channel mrrc from 10.244.1.120:56254 but it isn't eligible: implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Writers' sub-policies to be satisfied
2020-01-29 22:17:46.311 UTC [comm.grpc.server] 1 -> INFO 045 unary call completed grpc.service=discovery.Discovery grpc.method=Discover grpc.request_deadline=2020-01-29T22:17:56.304Z grpc.peer_address=10.244.1.120:56254 grpc.code=OK grpc.call_duration=493.602µs
How can I know which of the files for Root CERT, key and user cert I must use from all the files generated by cryptogen for that peer?
Upvotes: 0
Views: 176
Answers (1)
yacovm
Reputation: 5140
You need to use --userCert ./crypto-config/peerOrganizations/ha-dev/users/User1\@ha-dev/msp/signcerts/cert.pem
Upvotes: 1
Related Questions
- Hyperledger Fabric channel queryInfo throws access denied error
- Hyperledger fabric Error : mychannel received discovery error:access denied
- error: [Channel.js]: Channel:mychannel received discovery error:access denied
- Hyperledger fabric 1.2 service discovery error
- Error: 2 UNKNOWN: access denied: channel [contentbackchainchannel] creator org
- hyperledger fabric discovery service failing endorsement
- failed to get discovery service: could not get chConfig cache reference: read configuration for channel peers failed
- access denied: hyperledger fabric channel.initialize()
- Hyperledger fabric discovery service CLI
- Getting connection failed in Hyperledger Fabric sample