{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 叛逆 的问题《Difference between users created through cryptogen》','https://www.manongdao.com/q-676514.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
While doing Hyperledger fabric setup, we create crypto material and mention users for organizations and and correspondingly user crypto material gets generated which is used to invoke chaincode while logging through CLI. Also, when we try to connect network through SDK we also need to enroll and register user to connect to network. So, what is the difference between these two users?
相关问题
- How to add a new Orderer Organization to existing
- How do you generate pool_transactions_genesis and
- chaincode in hyperledger composer vs chaincode in
- Hyperledger fabcar sample fabric showing connect f
- OCI runtime exec failed: exec failed: container_li
相关文章
- When I generate MSP for some organization, I can c
- Does Composer needs an already built Fabric networ
- Hyperledger transaction verification
- Hyperledger Fabric - Error while Instantiating cha
- Hyperledger fabric's ChannelCreationPolicy
- what kind of peer types does hyperledger have?
- How to retrieve user information from recent versi
- Asset Creation through Transaction in Hyperledger
Cryptogen utility used for generating Hyperledger Fabric key material is mainly meant to be used for testing environment only.
It generates the CA certificate before the Fabric CA Server is up. {This won't be the case in production env.}
This certificate is mounted to fabric-ca in docker-compose.yaml file. This is done via volumes keyword as in the below snippet:
ca.example.com: image: hyperledger/fabric-ca environment: - FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server - FABRIC_CA_SERVER_CA_NAME=ca.example.com - FABRIC_CA_SERVER_CA_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.org1.example.com-cert.pem - FABRIC_CA_SERVER_CA_KEYFILE=/etc/hyperledger/fabric-ca-server-config/4239aa0dcd76daeeb8ba0cda701851d14504d31aad1b2ffffddbac6a57365e497c_sk ports: - "7054:7054" command: sh -c 'fabric-ca-server start -b admin:adminpw -d' volumes: - ./crypto-config/peerOrganizations/org1.example.com/ca/:/etc/hyperledger/fabric-ca-server-config container_name: ca.example.com networks: - basicThe command 'fabric-ca-server start -b admin:adminpw -d' in above script registers a bootstrap identity. This bootstrap identity is used by the application to enroll the 'admin' user. During this enrollment, fabric-ca-server gives the app a ecert, users private key and cacert chain PEM files.
From the above reference, the users certs generated by cryptogen and via application will be issued using the same root CA Cert.
When using CLI to execute commands such install chaincode, instantiate chaincode etc. you will be using the user certs generated by the cryptogen as these are mounted into the corresponding peer. Again refer to the volumes section of peer in docker-compose.yaml for this: