Enable TLS
parent
42d70cf725
commit
fe6b6bedc4
|
@ -52,7 +52,7 @@ services:
|
||||||
- CORE_LOGGING_LEVEL=DEBUG
|
- CORE_LOGGING_LEVEL=DEBUG
|
||||||
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051 # default to operate on peer0.org1
|
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051 # default to operate on peer0.org1
|
||||||
- CORE_PEER_LOCALMSPID=Org1MSP
|
- CORE_PEER_LOCALMSPID=Org1MSP
|
||||||
- CORE_PEER_TLS_ENABLED=false # to enable TLS, change to true
|
- CORE_PEER_TLS_ENABLED=true # to enable TLS, change to true
|
||||||
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt
|
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt
|
||||||
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key
|
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key
|
||||||
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
|
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
|
||||||
|
@ -90,7 +90,7 @@ services:
|
||||||
- CORE_LOGGING_LEVEL=DEBUG
|
- CORE_LOGGING_LEVEL=DEBUG
|
||||||
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051 # default to operate on peer0.org1
|
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051 # default to operate on peer0.org1
|
||||||
- CORE_PEER_LOCALMSPID=Org1MSP
|
- CORE_PEER_LOCALMSPID=Org1MSP
|
||||||
- CORE_PEER_TLS_ENABLED=false # to enable TLS, change to true
|
- CORE_PEER_TLS_ENABLED=true # to enable TLS, change to true
|
||||||
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt
|
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt
|
||||||
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key
|
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key
|
||||||
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
|
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
|
||||||
|
|
|
@ -52,7 +52,7 @@ services:
|
||||||
- CORE_LOGGING_LEVEL=DEBUG
|
- CORE_LOGGING_LEVEL=DEBUG
|
||||||
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051 # default to operate on peer0.org1
|
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051 # default to operate on peer0.org1
|
||||||
- CORE_PEER_LOCALMSPID=Org1MSP
|
- CORE_PEER_LOCALMSPID=Org1MSP
|
||||||
- CORE_PEER_TLS_ENABLED=false # to enable TLS, change to true
|
- CORE_PEER_TLS_ENABLED=true # to enable TLS, change to true
|
||||||
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt
|
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt
|
||||||
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key
|
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key
|
||||||
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
|
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
|
||||||
|
|
|
@ -25,7 +25,7 @@ services:
|
||||||
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
|
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
|
||||||
command: orderer
|
command: orderer
|
||||||
volumes:
|
volumes:
|
||||||
- ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
|
- ../channel-artifacts/orderer.genesis.block:/var/hyperledger/orderer/orderer.genesis.block
|
||||||
- ../crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/msp:/var/hyperledger/orderer/msp
|
- ../crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/msp:/var/hyperledger/orderer/msp
|
||||||
- ../crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/:/var/hyperledger/orderer/tls
|
- ../crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/:/var/hyperledger/orderer/tls
|
||||||
ports:
|
ports:
|
||||||
|
|
|
@ -57,7 +57,7 @@ services:
|
||||||
command: /bin/bash -c './scripts/script.sh ${CHANNEL_NAME}; sleep $TIMEOUT'
|
command: /bin/bash -c './scripts/script.sh ${CHANNEL_NAME}; sleep $TIMEOUT'
|
||||||
volumes:
|
volumes:
|
||||||
- /var/run/:/host/var/run/
|
- /var/run/:/host/var/run/
|
||||||
- ../chaincode/go/:/opt/gopath/src/github.com/hyperledger/fabric/examples/chaincode/go
|
#- ../chaincode/go/:/opt/gopath/src/github.com/hyperledger/fabric/examples/chaincode/go
|
||||||
- ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
|
- ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
|
||||||
- ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/
|
- ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/
|
||||||
- ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
|
- ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
|
||||||
|
|
|
@ -9,7 +9,7 @@ echo "|____/ |_| /_/ \_\ |_| \_\ |_| |_____| |_____| |_____|"
|
||||||
echo
|
echo
|
||||||
|
|
||||||
CHANNEL_NAME="$1"
|
CHANNEL_NAME="$1"
|
||||||
: ${CHANNEL_NAME:="mychannel"}
|
: ${CHANNEL_NAME:="businesschannel"}
|
||||||
: ${TIMEOUT:="60"}
|
: ${TIMEOUT:="60"}
|
||||||
COUNTER=1
|
COUNTER=1
|
||||||
MAX_RETRY=5
|
MAX_RETRY=5
|
||||||
|
|
|
@ -23,7 +23,7 @@ services:
|
||||||
- ORDERER_GENERAL_LISTENPORT=7050
|
- ORDERER_GENERAL_LISTENPORT=7050
|
||||||
#- ORDERER_RAMLEDGER_HISTORY_SIZE=100 #only useful when use ram ledger
|
#- ORDERER_RAMLEDGER_HISTORY_SIZE=100 #only useful when use ram ledger
|
||||||
# enabled TLS
|
# enabled TLS
|
||||||
- ORDERER_GENERAL_TLS_ENABLED=false
|
- ORDERER_GENERAL_TLS_ENABLED=true
|
||||||
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
|
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
|
||||||
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
|
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
|
||||||
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
|
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
|
||||||
|
|
|
@ -11,16 +11,16 @@ services:
|
||||||
image: hyperledger/fabric-peer
|
image: hyperledger/fabric-peer
|
||||||
environment:
|
environment:
|
||||||
#- CORE_PEER_ID=peer0
|
#- CORE_PEER_ID=peer0
|
||||||
- CORE_PEER_ADDRESSAUTODETECT=true
|
- CORE_PEER_ADDRESSAUTODETECT=false
|
||||||
- CORE_LOGGING_LEVEL=DEBUG
|
- CORE_LOGGING_LEVEL=DEBUG
|
||||||
#- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=hyperledger_fabric # uncomment this to use specific network
|
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=10_default # uncomment this to use specific network
|
||||||
#- CORE_PEER_NETWORKID=dev
|
#- CORE_PEER_NETWORKID=dev
|
||||||
- CORE_PEER_ENDORSER_ENABLED=true
|
- CORE_PEER_ENDORSER_ENABLED=true
|
||||||
- CORE_PEER_COMMITTER_ENABLED=true
|
- CORE_PEER_COMMITTER_ENABLED=true
|
||||||
- CORE_PEER_GOSSIP_USELEADERELECTION=true
|
- CORE_PEER_GOSSIP_USELEADERELECTION=true
|
||||||
- CORE_PEER_GOSSIP_ORGLEADER=false # this node is the group leader, default to false
|
- CORE_PEER_GOSSIP_ORGLEADER=false # this node is the group leader, default to false
|
||||||
- CORE_PEER_PROFILE_ENABLED=false
|
- CORE_PEER_PROFILE_ENABLED=false
|
||||||
- CORE_PEER_TLS_ENABLED=false
|
- CORE_PEER_TLS_ENABLED=true
|
||||||
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
|
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
|
||||||
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
|
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
|
||||||
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
|
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
|
||||||
|
|
Loading…
Reference in New Issue