
I'm running a Fabric 1.4.0 network and I'm the admin of it. I've lost the password/secret of one of the identities (not admin).

How do I get the secret of this registered and enrolled Fabric identity? I went through the Fabric CA Guide to look for any method/command to make this work, but couldn't find any.

I know we get the secret (if not already supplied) whenever we register a new identity and can use this secret for enrolling and other purposes. But I've lost this secret.

I'm also aware that I can issue a new secret to the identity by using command fabric-ca-client identity modify user1 --secret newsecret. But, that's not an option for me. I want to get the existing one.

I ran fabric-ca-client identity list --id user1 to see the identity's info but didn't see the password/secret there.

So, how do I get the password then? Please keep in mind that this network was created only for the purpose of learning and since I'm the admin, I've the privilege of going up an extra step.

It'd be better if anyone could show me the ways, if there are any, to retrieve it using both fabric-node-sdk and fabric-ca-client.

Vadim Kotov
Kartik Chauhan

1 Answer


After spending hours trying to look for a way to achieve this, the closest thing I found was getEnrollmentSecret method in User class. However, when I tried to use it, I got the error getEnrollmentSecret is not a function. From what I understood, the method was available in SDKs prior to version 1.4 as the method is not available in Fabric sdk node ver 1.4.

The only solution/alternative to this which I found is to update the identity's info using the update method on Identity Service and issue a new secret, which I know conflicts with one of the statements in the question:

I'm also aware that I can issue a new secret to the identity by using command fabric-ca-client identity modify user1 --secret newsecret. But, that's not an option for me. I want to get the existing one.

but, what else can you do, right?

You can find the detailed discussion about this on the fabric-sdk-node channel of Hyperledger Fabric's official communication medium, RocketChat.

Please feel free to comment on how this answer can be made any better, or if I missed something, or there's something erroneous in my findings. Thank you.

Kartik Chauhan
  • 1
    If you have lost the secret then you are pretty stuck (without trying to hack the ca database or doing a brute force pw crack), you have 3 options: 1) change that user to have a new known secret, 2) register a new user, 3) ensure the certificate/private key are always valid (e.g. don't let them expire) and re-enroll a new certificate/private key using the existing ones for that user. – david_k Jul 15 '20 at 10:45