![](/img/trans.png)
[英]Running Fabric CA natively - Could not find default `PKCS11` BCCSP
[英]peer node start throwing Could not find default pkcs11 BCCSP error
我正在尝试在启用 SoftHSM 的情况下运行 Hyperledger Fabric Peer。 Fabric-ca-server 已经在启用 SoftHSM 的情况下运行,并且所有证书都是在启用 HSM 的情况下生成的。
最初,当我尝试运行 fabric-ca-server 时,它抛出了相同的错误BCCSP
Could not find default
PKCS11 BCCSP
。
然后我发现有些人建议从源代码进行构建并修复了该错误。
现在,当我运行peer node start
命令来引导 peer 时,我面临同样的错误。
该BCCSP
内容core.yaml
低于:
# BCCSP (Blockchain crypto provider): Select which crypto implementation or
# library to use
BCCSP:
Default: PKCS11
# Settings for the SW crypto provider (i.e. when DEFAULT: SW)
SW:
# TODO: The default Hash and Security level needs refactoring to be
# fully configurable. Changing these defaults requires coordination
# SHA2 is hardcoded in several places, not only BCCSP
Hash: SHA2
Security: 256
# Location of Key Store
FileKeyStore:
# If "", defaults to 'mspConfigPath'/keystore
KeyStore:
# Settings for the PKCS#11 crypto provider (i.e. when DEFAULT: PKCS11)
PKCS11:
# Location of the PKCS11 module library
Library: /usr/local/lib/softhsm/libsofthsm2.so
# Token Label
Label: ForFabric
# User PIN
Pin: 98765432
Hash: SHA2
Security: 256
FileKeyStore:
KeyStore: /home/akshay/dev/fabric-ca/fabric-ca-client/peerOrg/msp/keystore
运行peer node start
时的错误:
$ peer node start
2018-12-28 14:48:50.508 IST [main] InitCmd -> ERRO 001 Cannot run peer because error when setting up MSP of type bccsp from directory /home/akshay/dev/fabric-ca/fabric-ca-client/peerOrg/msp: could not initialize BCCSP Factories: Failed initializing BCCSP.: Could not initialize BCCSP SW [Failed to initialize software key store: An invalid KeyStore path provided. Path cannot be an empty string.]
Could not find default `PKCS11` BCCSP
我正在使用以下对等版本:
$ peer version
peer:
Version: 1.4.0
Commit SHA: 9cd9fce
Go version: go1.11.2
OS/Arch: linux/amd64
Chaincode:
Base Image Version: 0.4.14
Base Docker Namespace: hyperledger
Base Docker Label: org.hyperledger.fabric
Docker Namespace: hyperledger
有两个问题:
1) 确保删除BCCSP
中core.yaml
下的SW:
部分 2) 默认情况下,peer binary 和 Docker 镜像都是在不支持 PCKS11 的情况下构建的。 您可以使用GO_TAGS=pkcs11 make peer
自己构建对等二进制文件
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.