michaelcourcy
commented
1 year ago After few attempts I found out this happens when executing the function `join_channel_peer org1 peer1 in the channel.sh script.
local org=org1
local peer=peer1
export_peer_context $org $peer
peer channel join \
--blockpath ${TEMP_DIR}/genesis_block.pb \
--orderer org0-orderer1.${DOMAIN} \
--connTimeout ${ORDERER_TIMEOUT} \
--tls \
--cafile ${TEMP_DIR}/channel-msp/ordererOrganizations/org0/orderers/org0-orderer1/tls/signcerts/tls-cert.pemThere is a discrepancy between the certificate sent org1-ca-localho-st-443.pem and the msp included in the payload mspid=Org2MSP
identity="(mspid=Org2MSP subject=CN=org1admin,OU=admin,O=Hyperledger,ST=North Carolina,C=US issuer=CN=fabric-ca-server,OU=Fabric,O=Hyperledger,ST=North Carolina,C=US serialnumber=522072795834743694220586894795889237968758182696)"The certificate included in the payload that has this serial number :
x509 build/enrollments/org1/users/org1admin/msp/cacerts/org1-ca-localho-st-443.pem
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:d3:e8:00:d3:5c:3a:c7:b6:cf:3d:d7:6b:de:ad:c4:82:0b:5d:95
Signature Algorithm: ecdsa-with-SHA256
Issuer: C=US, ST=North Carolina, O=Hyperledger, OU=Fabric, CN=fabric-ca-server
Validity
Not Before: Jan 19 16:09:00 2023 GMT
Not After : Jan 15 16:09:00 2038 GMT
Subject: C=US, ST=North Carolina, O=Hyperledger, OU=Fabric, CN=fabric-ca-server
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:bc:3e:cc:7b:f6:4f:5a:7d:1a:d4:66:cf:17:6e:
f9:10:c8:6c:fa:cc:18:16:ff:df:68:e8:5b:e5:7c:
f1:c8:03:a4:e0:92:68:d0:34:df:72:5c:4e:03:fe:
85:dd:f4:e5:a7:13:13:f5:d3:84:8d:d7:51:c5:55:
6b:38:a7:1a:7f
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:1
X509v3 Subject Key Identifier:
4A:73:26:1E:A9:00:71:F9:09:7A:DC:4F:40:43:12:E7:6F:A7:0F:EB
X509v3 Subject Alternative Name:
IP Address:127.0.0.1
Signature Algorithm: ecdsa-with-SHA256
30:45:02:21:00:fa:42:52:7c:62:1c:18:41:fd:40:42:8b:ec:
59:b8:cf:aa:c8:2d:a5:b4:94:74:9a:cd:31:ed:ef:5c:2f:cf:
f0:02:20:76:39:19:70:52:04:a0:c9:ad:1f:c8:41:1f:e5:82:
e9:1b:0e:c1:9b:07:31:fc:25:70:fd:44:e7:a2:77:8e:c5The code that is sending this error compare the mspid in the payload with the mspid expected and throw an error if they don't match https://github.com/hyperledger/fabric/blob/52b9f467531c442ce21d855b97f4fc2ac3fa50f3/msp/mspimpl.go#L389
On the first place I was thinking that the mspid sent in payload was coming from the certificate and that either the wrong certificate was sent or the certificate was wrong. But for me the certificate look correct (it's the right certificate which is sent and the content of the certificate looks good).
No mspid information seems to be included in the certificate so I'm still trying to understand how peer channel join command pick up the mspid to include it in the payload. I would appreciate any hint.
Following the test-network-k8s tutorial when executing
I get this error
Checking the logs in org1-peer1 I get this error at the end
error="expected MSP ID Org1MSP, received Org2MSP"which I suppose is the real cause.The end of the stack puzzle me
How is that possible to have
mspid=Org2MSPwithsubject=CN=org1admin....as I'm new to this technology I don't know where I should check this mapping.The complete logs from org1-peer1 pod
I also check the env variable in the peer but I'm still new to this technology and I can't say if something s wrong