- tls: oversized record received with length
原因:fabric-ca服务器开启tls后,需要使用https而不是http
fabric-ca-client enroll -d -u https://admin:Chaofeng521@localhost:7054 --tls.certfiles /app/orderer/fabric-ca-server/ca-cert.pem
同时,可以在命令中指定–tls.certfiles,也可以通过环境变量FABRIC_CA_CLIENT_TLS_CERTFILES来指定。 - remote error: tls: bad certificate
enroll命令报错x509: certificate is not valid for any names, but wanted to match localhost
原因:
在fabric-ca-server启动时,配置文件中CSR模块会指定hosts,例如:hosts:
(或者通过环境变量FABRIC_CA_SERVER_CSR_HOSTS=来指定这个值)
- 0.0.0.0
- dezohty
- localhost
这个值对应enroll命令中的相关值,见下面命令中的粗体:
fabric-ca-client enroll -d -u https://admin:Chaofeng521@dezohty:7054 --tls.certfiles /app/orderer/fabric-ca-server/ca-cert.pem