55 lines
1.7 KiB
Bash
55 lines
1.7 KiB
Bash
#!/usr/bin/env bash
|
|
|
|
source env.sh
|
|
|
|
if [ "$#" -ne 2 ]; then
|
|
echo "Illegal number of parameters"
|
|
exit 1
|
|
fi
|
|
|
|
ORG_NAME=$1 # org1.example.com
|
|
TYPE=$2 # ca | tlsca
|
|
|
|
ORG_PATH=/etc/hyperledger/fabric-ca-server
|
|
CA_PATH=${ORG_PATH}/${TYPE} # e.g., /etc/hyperledger/fabric-ca-server/ca
|
|
|
|
echo $(hostname)
|
|
|
|
# do not recreate the credentials if existed
|
|
if [ ! -d ${CA_PATH} ]; then
|
|
mkdir -p ${CA_PATH}
|
|
cd ${CA_PATH}
|
|
echo "Generate the credentials for ${TYPE}.${ORG_NAME}"
|
|
|
|
# generate fabric-ca-server-config.yaml
|
|
#fabric-ca-server init \
|
|
# -H ${CA_PATH} \
|
|
# -b ${DEFAULT_USER}:${DEFAULT_PASS}
|
|
#rm -rf msp/* ca-cert.pem # these credentials are wrong
|
|
|
|
echo "${CA_SERVER_DEFAULT_CONFIG}" >> fabric-ca-server-config.yaml
|
|
|
|
# Update config
|
|
echo "Update fabric-ca-server-config.yaml"
|
|
yq w -i fabric-ca-server-config.yaml ca.name "${TYPE}.${ORG_NAME}"
|
|
yq w -i fabric-ca-server-config.yaml ca.certfile "${TYPE}.${ORG_NAME}-cert.pem"
|
|
yq w -i fabric-ca-server-config.yaml ca.keyfile "${TYPE}.${ORG_NAME}_sk"
|
|
|
|
yq w -i fabric-ca-server-config.yaml csr.cn "${TYPE}.${ORG_NAME}"
|
|
yq w -i fabric-ca-server-config.yaml csr.names[0].O "${ORG_NAME}"
|
|
yq w -i fabric-ca-server-config.yaml csr.names[0].OU "${TYPE}"
|
|
|
|
yq w -i fabric-ca-server-config.yaml tls.enabled false
|
|
#yq w -i fabric-ca-server-config.yaml tls.certfile "${ORG_PATH}/tlsca/tlsca.${ORG_NAME}-cert.pem"
|
|
#yq w -i fabric-ca-server-config.yaml tls.keyfile "${ORG_PATH}/tlsca/tlsca.${ORG_NAME}_sk"
|
|
|
|
# Generate new certs based on updated config
|
|
echo "Generate certificates for ${TYPE}.${ORG_NAME} under ${CA_PATH}"
|
|
fabric-ca-server init -H ${CA_PATH}
|
|
|
|
cp msp/keystore/*_sk ${TYPE}.${ORG_NAME}_sk
|
|
fi
|
|
|
|
echo "Start ${TYPE}.${ORG_NAME}..."
|
|
fabric-ca-server start -H ${CA_PATH}
|