1

I am trying to follow tutorial https://medium.com/swlh/how-to-implement-hyperledger-fabric-external-chaincodes-within-a-kubernetes-cluster-fd01d7544523 to setup a Kubernetes based Hyperledger Fabric 2.3.1 network and deploy Java chaincode. I have some Fabric 1.4 networks running so I have some experience with it.

I just want to deploy a 2.3.1 single node test network, not for production use... but after setting CA, Orderer an a single peer node (all version 2.3.1, except CA, obviously... using 1.4.9 for that as in the tutorial) I try to use the cli pod to do a basic query to check that system is ready to create the working channel and deploy chain code. For now only the System channel is created, so as a basic test to check system is ready I just do:

peer channel list

and, after some logs, I am getting

2022-02-09 11:26:04.319 UTC [grpc] InfoDepth -> DEBU 023 [core]Channel Connectivity change to CONNECTING
2022-02-09 11:26:04.319 UTC [grpc] InfoDepth -> DEBU 024 [core]Subchannel picks a new address "peer0:7051" to connect
2022-02-09 11:26:04.324 UTC [comm.tls] ClientHandshake -> DEBU 025 Client TLS handshake completed in 1.726264ms remoteaddress=10.0.54.77:7051
2022-02-09 11:26:04.325 UTC [grpc] InfoDepth -> DEBU 026 [core]Subchannel Connectivity change to READY
2022-02-09 11:26:04.325 UTC [grpc] InfoDepth -> DEBU 027 [core]pickfirstBalancer: UpdateSubConnState: 0xc0001074e0, {READY <nil>}
2022-02-09 11:26:04.325 UTC [grpc] InfoDepth -> DEBU 028 [core]Channel Connectivity change to READY
2022-02-09 11:26:04.325 UTC [channelCmd] InitCmdFactory -> INFO 029 Endorser and orderer connections initialized
2022-02-09 11:26:04.326 UTC [msp.identity] Sign -> DEBU 02a Sign: plaintext: 0A8D070A5C08031A0C08CCC98E900610...631A0D0A0B4765744368616E6E656C73
2022-02-09 11:26:04.326 UTC [msp.identity] Sign -> DEBU 02b Sign: digest: B08705C37A3F785980059CCBFDF2F442ABA1FE37EB5D81CC186896B6845BCC54
Error: Failed sending proposal, got rpc error: code = Unknown desc = error validating proposal: access denied: channel [] creator org [myMSP]

I have no logs in the orderer node. in peer 0, log is a bir more explicit about this:

2022-02-09 11:21:43.653 UTC [core.comm] ServerHandshake -> DEBU 2ec Server TLS handshake completed in 1.568175ms server=PeerServer remoteaddress=10.244.0.95:47938
2022-02-09 11:21:43.659 UTC [endorser] ProcessProposal -> DEBU 2ed request from 10.244.0.95:47938
2022-02-09 11:21:43.659 UTC [msp] DeserializeIdentity -> DEBU 2ee Obtaining identity
2022-02-09 11:21:43.660 UTC [msp.identity] newIdentity -> DEBU 2ef Creating identity instance for cert -----BEGIN CERTIFICATE-----
MIICCjCCAbGgAwIBAgIQFO7hTIQHz/qAxSMqwW9uKjAKBggqhkjOPQQDAjBfMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy
YW5jaXNjbzEPMA0GA1UEChMGZ292Lm10MRIwEAYDVQQDEwljYS5nb3YubXQwHhcN
MjIwMjA5MTAxODAwWhcNMzIwMjA3MTAxODAwWjBhMQswCQYDVQQGEwJVUzETMBEG
A1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEOMAwGA1UE
CxMFYWRtaW4xFTATBgNVBAMMDEFkbWluQGdvdi5tdDBZMBMGByqGSM49AgEGCCqG
SM49AwEHA0IABD/oc/GiTNnSXqPRC4yScpoc/notc2uARE5oHjOXDvU827PuMr07
IMvBayCWboAp6SkR0/v+OtvEY/XlySVEjrujTTBLMA4GA1UdDwEB/wQEAwIHgDAM
BgNVHRMBAf8EAjAAMCsGA1UdIwQkMCKAIHLuh4sDVX5mfM2r7dH2C/m42LIowByU
zSATn/uJ+gOZMAoGCCqGSM49BAMCA0cAMEQCIDdWktsYpi8cX14xsSpaTFme57M6
jFFdfek96uV8A13AAiBaMwotEAzB7MD2eUV+v48L6PWkkcWxKAyyRdLOrqTtWQ==
-----END CERTIFICATE-----
2022-02-09 11:21:43.660 UTC [endorser] Validate -> WARN 2f0 access denied: channel the supplied identity is not valid: x509: certificate signed by unknown authority channel= txID=c0b88931
2022-02-09 11:21:43.660 UTC [comm.grpc.server] 1 -> INFO 2f1 unary call completed grpc.service=protos.Endorser grpc.method=ProcessProposal grpc.peer_address=10.244.0.95:47938 error="error validating proposal: access denied: channel [] creator org [myMSP]" grpc.code=Unknown grpc.call_duration=1.168556ms
2022-02-09 11:21:43.664 UTC [grpc] InfoDepth -> DEBU 2f2 [transport]transport: loopyWriter.run returning. connection error: desc = "transport is closing"

In the cryptogen and configtxgen processes I am not getting any errors or warnings. All files seem to be generated correctly. Also, in the started process of Orderer, CA, peer or cli there is no warning or error about any missing or incorrect certificate file.

How can I diagnose what my problem is and find what is wrong with that certificate? Maybe I have wrong values in the Ids, MSP names, ... in the configtx.yaml and crypto-config.yaml artifacts files, but I have checked them and can't find anything.

Any ideas on what or how to check and diagnose?

Thanks

icordoba
  • 1,834
  • 2
  • 33
  • 60

1 Answers1

0

I wasn't able to diagnose but found a similar issue that happened to have the same origin.

Fabric v2.0 in kubernetes (minikube) - error Peer channel - error validating proposal: access denied: channel [] creator org [Org1MSP]

As said in that task... "I was missing CORE_PEER_MSPCONFIGPATH in the env in the yaml files for the deployment of peers.

Just adding this allowed me to successfully join the channel."

icordoba
  • 1,834
  • 2
  • 33
  • 60
  • Hi, is it solved? – Christopher Feb 10 '22 at 08:25
  • Hello, yes... I just added that CORE_PEER_MSPCONFIGPATH property (which for some reason is not in the tutorial I followed) and it works. I think the tutorial is wrong as I found more people with same issue that look like following it. I can't set it to solved as I need to wait 48 hours before Stack Overflow allows me to set the issue solved. – icordoba Feb 10 '22 at 12:11