docker-compose-files/hyperledger_fabric/fabric-ca/scripts/start-orderer.sh

50 lines
1.7 KiB
Bash

#!/bin/bash
#
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
source $(dirname "$0")/env.sh
# Wait for setup to complete sucessfully
awaitSetup
set -e
# Enroll to get orderer's TLS cert (using the "tls" profile)
fabric-ca-client enroll -d --enrollment.profile tls -u $ENROLLMENT_URL -M /tmp/tls --csr.hosts $ORDERER_HOST
# Copy the TLS key and cert to the appropriate place
TLSDIR=$ORDERER_HOME/tls
mkdir -p $TLSDIR
cp /tmp/tls/keystore/* $ORDERER_GENERAL_TLS_PRIVATEKEY
cp /tmp/tls/signcerts/* $ORDERER_GENERAL_TLS_CERTIFICATE
DATA_DIR=/${CRYPTO_ORDERER}/${DOMAIN}/orderers/${ORDERER}.${DOMAIN}
DATA_TLSDIR=/${DATA_DIR}/tls
mkdir -p ${DATA_TLSDIR}
cp $ORDERER_GENERAL_TLS_PRIVATEKEY ${DATA_TLSDIR}/server.key
cp $ORDERER_GENERAL_TLS_CERTIFICATE ${DATA_TLSDIR}/server.crt
cp $FABRIC_CA_CLIENT_TLS_CERTFILES ${DATA_TLSDIR}/ca.crt
rm -rf /tmp/tls
# Enroll again to get the orderer's enrollment certificate (default profile)
fabric-ca-client enroll -d -u $ENROLLMENT_URL -M $ORDERER_GENERAL_LOCALMSPDIR
mv $ORDERER_GENERAL_LOCALMSPDIR/cacerts/* $ORDERER_GENERAL_LOCALMSPDIR/cacerts/ca.${DOMAIN}-cert.pem #rename cacert
#v $ORDERER_GENERAL_LOCALMSPDIR/signcerts/* $ORDERER_GENERAL_LOCALMSPDIR/signcerts/${ORDERER}.${DOMAIN}-cert.pem #rename signcert
# Finish setting up the local MSP for the orderer
finishMSPSetup $ORDERER_GENERAL_LOCALMSPDIR
ORG_ADMIN_CERT=/${CRYPTO_ORDERER}/${DOMAIN}/msp/admincerts/Admin@${DOMAIN}-cert.pem
copyAdminCert $ORDERER_GENERAL_LOCALMSPDIR
cp -r $ORDERER_GENERAL_LOCALMSPDIR ${DATA_DIR}
# Wait for the genesis block to be created
dowait "genesis block to be created" 60 $SETUP_LOGFILE $ORDERER_GENERAL_GENESISFILE
# Start the orderer
env | grep ORDERER
orderer