1

I created a sample project using IBM Blockchain Platform.

I am trying to deregister a user using the default admin indentity :

identityService.delete(userName, adminIdentity, true).then(function() {
     wallet.delete(userName);
});

I keep getting this error :


(node:48423) UnhandledPromiseRejectionWarning: Error: fabric-ca request identities/gayelabouimaddelete?force=true failed with errors [[{"code":56,"message":"Identity removal is disabled"}]]

although the admin account has the hf.Revoker set to true and hf.Registrar.Roles set to "*" :


"identities": [
            {
                "id": "admin",
                "type": "client",
                "affiliation": "",
                "attrs": [
                    {
                        "name": "hf.AffiliationMgr",
                        "value": "1"
                    },
                    {
                        "name": "hf.Registrar.Roles",
                        "value": "*"
                    },
                    {
                        "name": "hf.Registrar.DelegateRoles",
                        "value": "*"
                    },
                    {
                        "name": "hf.Revoker",
                        "value": "1"
                    },
                    {
                        "name": "hf.IntermediateCA",
                        "value": "1"
                    },
                    {
                        "name": "hf.GenCRL",
                        "value": "1"
                    },
                    {
                        "name": "hf.Registrar.Attributes",
                        "value": "*"
                    }
                ],
                "max_enrollments": -1
            },
      ...
]
Gayel Abou Imad
  • 41
  • 2

1 Answers1

2

The identity removal in your CA is disabled.Add the following property (allowremove: true) in your fabric-ca-server config.yaml.

#############################################################################
# CA configuration section
#
# Configure the number of incorrect password attempts are allowed for
# identities. By default, the value of 'passwordattempts' is 10, which
# means that 10 incorrect password attempts can be made before an identity get
# locked out.
#############################################################################
cfg:
  identities:
    passwordattempts: 10
      allowremove: true
Shubham Jaiswal
  • 570
  • 5
  • 11
  • 1
    can you please let me know where can I find this config file? I am running a local environment using IBM extension – Gayel Abou Imad Oct 23 '20 at 06:56
  • Be careful of the identation: "allowremove" needs to be on the same level as "passwordattempts", not indented as shown. – ISparkes Apr 23 '21 at 14:13