Hyperledger-Composer: Getting “access denied” when

Posted 2019-06-14 15:24

Question:

I'm using Hyperledger Composer over Hyperledger Fabric to deploy a .bna file. The problem comes when creating networkAdmin cards for the different organizations: they are not able to access the network.

Background

The project structure is as follows:

  • Organizations:
    • exporter01 with one peer and one CA
    • maritimeAgency01 with one peer and one CA
    • terminal01 with one peer and one CA
    • terrestrialTransport01 with one peer and one CA

The steps towards the problem are as follows:

  1. Create the PeerAdmin card using the admin certificate and privateKey files under /msp/keystore/ for every organization
  2. Installed the network archive using composer network install ... for every organization peer using the PeerAdmin card
  3. Requested identities for every networkAdmin specified on the composer network start ... command (one for every org)
  4. Started the network for all peers using
    composer network start \
      --card PeerAdmin@$NETWORK_NAME-exporter01 \
      --networkName $NETWORK_NAME \
      --networkVersion $NETWORK_VERSION \
      -o endorsementPolicyFile=./endorsement-policy.json \
      -A exporter01 \
      -C $TMP_BASEDIR/exporter01/admin-pub.pem \
      -A maritimeAgency01 \
      -C $TMP_BASEDIR/maritimeAgency01/admin-pub.pem \
      -A terminal01 \
      -C $TMP_BASEDIR/terminal01/admin-pub.pem \
      -A terrestrialTransport01 \
      -C $TMP_BASEDIR/terrestrialTransport01/admin-pub.pem

Problem

After using composer card create ... with the following

  • connectionProfile.json (the same used to create the PeerAdmin card)
  • user: the same as the -A flag in the composer network start ...
  • certificate: the same as the -C flag in the composer network start ...
  • privateKey: the one corresponding to the certificate generated by composer identity request ...

And importing it with composer card import ... the card is successfully imported. But when using composer network ping -c <created networkAdmin card> the command fails with the following message

Error: Error trying to ping. Error: 2 UNKNOWN: access denied: channel [mychannel] creator org [Exporter01MSP]

Any ideas why this could be happening? Thanks!

Answer 1:

After two weeks found the error. Logging it here for the community.

It was a Hyperledger-Fabric configuration error.

When using multiple CAs (one for each org) you must add the certificates to the orderer docker container as an env variable ORDERER_GENERAL_TLS_ROOTCAS or any identity issued by those CAs won't be able to connect.

Found the solution in the following fabric-sample Repo line 55. Don't forget to link the volumes (lines 63-64).
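
A check for the misconfiguration this answer describes, as an added example that is not part of the original post or of the fabric-samples repo: it reads an orderer service fragment and reports organizations with no entry in ORDERER_GENERAL_TLS_ROOTCAS, plus listed certificate paths that no volume makes available inside the container. The compose fragment, service name, container paths and the org-named directory layout are constructed assumptions.

```python
import re

# Constructed orderer service fragment; container paths and host dirs are assumptions.
COMPOSE = """\
orderer.example.com:
  environment:
    - ORDERER_GENERAL_TLS_ENABLED=true
    - ORDERER_GENERAL_TLS_ROOTCAS=[/etc/crypto/orderer/tls/ca.crt, /etc/crypto/exporter01/tls/ca.crt, /etc/crypto/maritimeAgency01/tls/ca.crt, /etc/crypto/terminal01/tls/ca.crt]
  volumes:
    - ./crypto/orderer:/etc/crypto/orderer
    - ./crypto/exporter01:/etc/crypto/exporter01
    - ./crypto/maritimeAgency01:/etc/crypto/maritimeAgency01
"""
ORGS = ["exporter01", "maritimeAgency01", "terminal01", "terrestrialTransport01"]


def root_cas(compose):
    """Paths listed in ORDERER_GENERAL_TLS_ROOTCAS=[a, b, ...]."""
    m = re.search(r"ORDERER_GENERAL_TLS_ROOTCAS=\[([^\]]*)\]", compose)
    return [p.strip() for p in m.group(1).split(",") if p.strip()] if m else []


def mount_targets(compose):
    """Container-side directory of every 'host:container[:mode]' volume entry."""
    return [m.group(1) for m in
            re.finditer(r"^\s*-\s*[^:\s]+:(/[^:\s]+)", compose, re.M)]


def audit(compose, orgs):
    """Return (orgs with no CA entry, CA paths not covered by any volume)."""
    cas, mounts = root_cas(compose), mount_targets(compose)
    # Assumption: each org's cert lives under a directory named after the org.
    missing = [o for o in orgs if not any(f"/{o}/" in p for p in cas)]
    unmounted = [p for p in cas
                 if not any(p.startswith(t.rstrip("/") + "/") for t in mounts)]
    return missing, unmounted


if __name__ == "__main__":
    missing, unmounted = audit(COMPOSE, ORGS)
    print("orgs without a root CA entry:", missing)
    print("root CA paths with no volume:", unmounted)
```
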