Reputation: 1
[hyperledger-fabric]Hyperledger Fabric 2.2 Issue: Config Update Failure After TLS Certificate Expiration
I'm encountering a problem with my Hyperledger Fabric 2.2 network and could use some assistance.
**đ ī¸ Network Setup:
Orderer Nodes: 5 Peer Organizations: 10 Consortiums: 10 (One organization is part of two consortiums) **â ī¸ Issue Details: One of the organizations has a TLS intermediate certificate that expired. I successfully updated the TLS intermediate certificate in the application channel config block before the expiration date. However, due to operational delays, I couldn't update the orderer system channel before the certificate expired. This resulted in the following error when attempting to apply a config update:
2024-11-04 13:38:21.248 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized Error: got unexpected status: BAD_REQUEST -- error applying config update to existing channel 'croxchain-orderers-channel': initializing channelconfig failed: could not create channel Consortiums sub-group config: setting up the MSP manager failed: CA Certificate is not valid, (SN: 85076825076483007851870499652303227021): could not obtain certification chain: the supplied identity is not valid: x509: certificate has expired or is not yet valid: current time 2024-11-04T13:38:21Z is after 2024-10-28T15:59:59Z
**â What I've Tried:
Updated the TLS intermediate certificate in the application channel config block successfully. Verified that the new certificate is correctly configured for the application channel. **â Question: Given that the TLS intermediate certificate for one organization has expired and I'm unable to update the orderer system channel before the expiration, what steps can I take to complete the update process and resolve the BAD_REQUEST error? Are there specific procedures for handling expired certificates in the system channel, especially in a multi-consortium setup?
**âšī¸ Additional Information:
Fabric Version: 2.2 Current Time in Error Message: 2024-11-04T13:38:21Z Certificate Expiration Time: 2024-10-28T15:59:59Z Any help or pointers to relevant documentation would be greatly appreciated! đ
need help for updating this organization's tls intermediate certificate in the system channel.
Upvotes: 0
Views: 23
Answers (0)
Related Questions
- Hyperledger Fabric Orderer - TLS Handshake Bad Certificate Issue
- Config block returns not found, in hyperledger fabric
- scripts/createChannel.sh: line 40: osnadmin: command not found Channel creation failed
- failed to create a channel in hyperledger fabric test-network
- Hyperledger fabric: TLS Handshake fails with error "no TLS certificate sent" using intermediate CA certificate
- Hyperledger: Certificate Issue while bootstrapping the network