Closed guoger closed 3 years ago
According to https://github.com/hyperledger/fabric/blob/master/internal/peer/common/peerclient.go#L53 and https://hyperledger-fabric.readthedocs.io/en/release-2.1/commands/peercommand.html?highlight=mutual%20TLS#usage
it seems we just need to add
RequireClientCert: true,
as option when create client.
I suppose we don't have test-network supports mutual TLS(I will have an attempt) but according to https://hyperledger-fabric.readthedocs.io/en/release-2.1/enable_tls.html?highlight=mutual%20TLS#configuring-tls-for-peers-nodes it seems we need to upgrade peer server and cli with
CORE_PEER_TLS_CLIENTAUTHREQUIRED = true
pls review it and if it's good enough, I will move forward.
Ref to fabric code, https://github.com/hyperledger/fabric/blob/master/internal/pkg/comm/server.go#L105
so we adding this logic in mock server to test with mutual tls? the server tls file generated by test-network?
Will check this one and try with pr in weekend.