Skip to content

Commit

Permalink
[FAB-12620] Orderer OU
Browse files Browse the repository at this point in the history
This change-set adds support for orderer ou
following the same design principals used
for the other ous.
The support is available starting from MSP
version 1.4.3

Change-Id: Id2ddd699d11b5be3744b3671802772d93605fdcf
Signed-off-by: Angelo De Caro <adc@zurich.ibm.com>
  • Loading branch information
adecaro committed Aug 13, 2019
1 parent 2f31597 commit 762f3c5
Show file tree
Hide file tree
Showing 32 changed files with 503 additions and 146 deletions.
9 changes: 5 additions & 4 deletions common/tools/cryptogen/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -89,6 +89,7 @@ OrdererOrgs:
# ---------------------------------------------------------------------------
- Name: Orderer
Domain: example.com
EnableNodeOUs: false
# ---------------------------------------------------------------------------
# "Specs" - See PeerOrgs below for complete description
Expand Down Expand Up @@ -353,7 +354,7 @@ func extendOrdererOrg(orgSpec OrgSpec) {
signCA := getCA(caDir, orgSpec, orgSpec.CA.CommonName)
tlsCA := getCA(tlscaDir, orgSpec, "tls"+orgSpec.CA.CommonName)

generateNodes(orderersDir, orgSpec.Specs, signCA, tlsCA, msp.ORDERER, false)
generateNodes(orderersDir, orgSpec.Specs, signCA, tlsCA, msp.ORDERER, orgSpec.EnableNodeOUs)

adminUser := NodeSpec{
CommonName: fmt.Sprintf("%s@%s", adminBaseName, orgName),
Expand Down Expand Up @@ -635,13 +636,13 @@ func generateOrdererOrg(baseDir string, orgSpec OrgSpec) {
os.Exit(1)
}

err = msp.GenerateVerifyingMSP(mspDir, signCA, tlsCA, false)
err = msp.GenerateVerifyingMSP(mspDir, signCA, tlsCA, orgSpec.EnableNodeOUs)
if err != nil {
fmt.Printf("Error generating MSP for org %s:\n%v\n", orgName, err)
os.Exit(1)
}

generateNodes(orderersDir, orgSpec.Specs, signCA, tlsCA, msp.ORDERER, false)
generateNodes(orderersDir, orgSpec.Specs, signCA, tlsCA, msp.ORDERER, orgSpec.EnableNodeOUs)

adminUser := NodeSpec{
CommonName: fmt.Sprintf("%s@%s", adminBaseName, orgName),
Expand All @@ -651,7 +652,7 @@ func generateOrdererOrg(baseDir string, orgSpec OrgSpec) {
users := []NodeSpec{}
// add an admin user
users = append(users, adminUser)
generateNodes(usersDir, users, signCA, tlsCA, msp.CLIENT, false)
generateNodes(usersDir, users, signCA, tlsCA, msp.CLIENT, orgSpec.EnableNodeOUs)

// copy the admin cert to the org's MSP admincerts
err = copyAdminCert(usersDir, adminCertsDir, adminUser.CommonName)
Expand Down
23 changes: 15 additions & 8 deletions common/tools/cryptogen/msp/generator.go
Original file line number Diff line number Diff line change
Expand Up @@ -28,15 +28,17 @@ const (
)

const (
CLIENTOU = "client"
PEEROU = "peer"
ADMINOU = "admin"
CLIENTOU = "client"
PEEROU = "peer"
ADMINOU = "admin"
ORDEREROU = "orderer"
)

var nodeOUMap = map[int]string{
CLIENT: CLIENTOU,
PEER: PEEROU,
ADMIN: ADMINOU,
CLIENT: CLIENTOU,
PEER: PEEROU,
ADMIN: ADMINOU,
ORDERER: ORDEREROU,
}

func GenerateLocalMSP(baseDir, name string, sans []string, signCA *ca.CA,
Expand Down Expand Up @@ -98,8 +100,9 @@ func GenerateLocalMSP(baseDir, name string, sans []string, signCA *ca.CA,
}

// generate config.yaml if required
if nodeOUs && nodeType == PEER {
exportConfig(mspDir, "cacerts/"+x509Filename(signCA.Name), true)
if nodeOUs && (nodeType == PEER || nodeType == ORDERER) {

exportConfig(mspDir, filepath.Join("cacerts", x509Filename(signCA.Name)), true)
}

// the signing identity goes into admincerts.
Expand Down Expand Up @@ -267,6 +270,10 @@ func exportConfig(mspDir, caFile string, enable bool) error {
Certificate: caFile,
OrganizationalUnitIdentifier: ADMINOU,
},
OrdererOUIdentifier: &fabricmsp.OrganizationalUnitIdentifiersConfiguration{
Certificate: caFile,
OrganizationalUnitIdentifier: ORDEREROU,
},
},
}

Expand Down
9 changes: 9 additions & 0 deletions msp/configbuilder.go
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,8 @@ type NodeOUs struct {
PeerOUIdentifier *OrganizationalUnitIdentifiersConfiguration `yaml:"PeerOUIdentifier,omitempty"`
// AdminOUIdentifier specifies how to recognize admins by OU
AdminOUIdentifier *OrganizationalUnitIdentifiersConfiguration `yaml:"AdminOUIdentifier,omitempty"`
// OrdererOUIdentifier specifies how to recognize admins by OU
OrdererOUIdentifier *OrganizationalUnitIdentifiersConfiguration `yaml:"OrdererOUIdentifier,omitempty"`
}

// Configuration represents the accessory configuration an MSP can be equipped with.
Expand Down Expand Up @@ -309,6 +311,9 @@ func getMspConfig(dir string, ID string, sigid *msp.SigningIdentityInfo) (*msp.M
if configuration.NodeOUs.AdminOUIdentifier != nil && len(configuration.NodeOUs.AdminOUIdentifier.OrganizationalUnitIdentifier) != 0 {
nodeOUs.AdminOuIdentifier = &msp.FabricOUIdentifier{OrganizationalUnitIdentifier: configuration.NodeOUs.AdminOUIdentifier.OrganizationalUnitIdentifier}
}
if configuration.NodeOUs.OrdererOUIdentifier != nil && len(configuration.NodeOUs.OrdererOUIdentifier.OrganizationalUnitIdentifier) != 0 {
nodeOUs.OrdererOuIdentifier = &msp.FabricOUIdentifier{OrganizationalUnitIdentifier: configuration.NodeOUs.OrdererOUIdentifier.OrganizationalUnitIdentifier}
}

// Read certificates, if defined

Expand All @@ -320,6 +325,10 @@ func getMspConfig(dir string, ID string, sigid *msp.SigningIdentityInfo) (*msp.M
if nodeOUs.AdminOuIdentifier != nil {
nodeOUs.AdminOuIdentifier.Certificate = loadCertificateAt(dir, configuration.NodeOUs.AdminOUIdentifier.Certificate, "AdminOU")
}
// OrdererOU
if nodeOUs.OrdererOuIdentifier != nil {
nodeOUs.OrdererOuIdentifier.Certificate = loadCertificateAt(dir, configuration.NodeOUs.OrdererOUIdentifier.Certificate, "OrdererOU")
}
}
} else {
mspLogger.Debugf("MSP configuration file not found at [%s]: [%s]", configFile, err)
Expand Down
21 changes: 18 additions & 3 deletions msp/mspimpl.go
Original file line number Diff line number Diff line change
Expand Up @@ -97,9 +97,9 @@ type bccspmsp struct {

// NodeOUs configuration
ouEnforcement bool
// These are the OUIdentifiers of the clients, peers and orderers.
// These are the OUIdentifiers of the clients, peers, admins and orderers.
// They are used to tell apart these entities
clientOU, peerOU, adminOU *OUIdentifier
clientOU, peerOU, adminOU, ordererOU *OUIdentifier
}

// newBccspMsp returns an MSP instance backed up by a BCCSP
Expand Down Expand Up @@ -334,8 +334,13 @@ func (msp *bccspmsp) hasOURoleInternal(id *identity, mspRole m.MSPRole_MSPRoleTy
nodeOUValue = msp.peerOU.OrganizationalUnitIdentifier
case m.MSPRole_ADMIN:
nodeOUValue = msp.adminOU.OrganizationalUnitIdentifier
case m.MSPRole_ORDERER:
if msp.ordererOU == nil {
return errors.New("cannot test for orderer ou classification, node ou for orderers not defined")
}
nodeOUValue = msp.ordererOU.OrganizationalUnitIdentifier
default:
return errors.New("Invalid MSPRoleType. It must be CLIENT, PEER or ADMIN")
return errors.New("Invalid MSPRoleType. It must be CLIENT, PEER, ADMIN or ORDERER")
}

for _, OU := range id.GetOrganizationalUnits() {
Expand Down Expand Up @@ -621,6 +626,16 @@ func (msp *bccspmsp) satisfiesPrincipalInternalV143(id Identity, principal *m.MS
return errors.Wrapf(err, "The identity is not an admin under this MSP [%s]", msp.name)
}

return nil
case m.MSPRole_ORDERER:
mspLogger.Debugf("Checking if identity satisfies role [%s] for %s", m.MSPRole_MSPRoleType_name[int32(mspRole.Role)], msp.name)
if err := msp.Validate(id); err != nil {
return errors.Wrapf(err, "The identity is not valid under this MSP [%s]", msp.name)
}

if err := msp.hasOURole(id, mspRole.Role); err != nil {
return errors.Wrapf(err, "The identity is not a [%s] under this MSP [%s]", m.MSPRole_MSPRoleType_name[int32(mspRole.Role)], msp.name)
}
return nil
}
}
Expand Down
14 changes: 14 additions & 0 deletions msp/mspimplsetup.go
Original file line number Diff line number Diff line change
Expand Up @@ -302,6 +302,20 @@ func (msp *bccspmsp) setupNodeOUsV143(config *m.FabricMSPConfig) error {
msp.adminOU.CertifiersIdentifier = certifiersIdentifier
}

// OrdererOU
if config.FabricNodeOus.OrdererOuIdentifier != nil {
msp.ordererOU = &OUIdentifier{OrganizationalUnitIdentifier: config.FabricNodeOus.OrdererOuIdentifier.OrganizationalUnitIdentifier}
if len(config.FabricNodeOus.OrdererOuIdentifier.Certificate) != 0 {
certifiersIdentifier, err := msp.getCertifiersIdentifier(config.FabricNodeOus.OrdererOuIdentifier.Certificate)
if err != nil {
return err
}
msp.ordererOU.CertifiersIdentifier = certifiersIdentifier
}
} else {
msp.ordererOU = nil
}

return nil
}

Expand Down
21 changes: 11 additions & 10 deletions msp/mspimplvalidate.go
Original file line number Diff line number Diff line change
Expand Up @@ -219,17 +219,18 @@ func (msp *bccspmsp) validateIdentityOUsV143(id *identity) error {
// Make sure that the identity has only one of the special OUs
// used to tell apart clients, peers and admins.
counter := 0
validOUs := make(map[string]*OUIdentifier)
validOUs[msp.clientOU.OrganizationalUnitIdentifier] = msp.clientOU
validOUs[msp.peerOU.OrganizationalUnitIdentifier] = msp.peerOU
validOUs[msp.adminOU.OrganizationalUnitIdentifier] = msp.adminOU
if msp.ordererOU != nil {
validOUs[msp.ordererOU.OrganizationalUnitIdentifier] = msp.ordererOU
}

for _, OU := range id.GetOrganizationalUnits() {
// Is OU.OrganizationalUnitIdentifier one of the special OUs?
var nodeOU *OUIdentifier
switch OU.OrganizationalUnitIdentifier {
case msp.clientOU.OrganizationalUnitIdentifier:
nodeOU = msp.clientOU
case msp.peerOU.OrganizationalUnitIdentifier:
nodeOU = msp.peerOU
case msp.adminOU.OrganizationalUnitIdentifier:
nodeOU = msp.adminOU
default:
nodeOU := validOUs[OU.OrganizationalUnitIdentifier]
if nodeOU == nil {
continue
}

Expand All @@ -244,7 +245,7 @@ func (msp *bccspmsp) validateIdentityOUsV143(id *identity) error {
}
}
if counter != 1 {
return errors.Errorf("the identity must be a client, a peer or an admin identity to be valid, not a combination of them. OUs: [%v], MSP: [%s]", id.GetOrganizationalUnits(), msp.name)
return errors.Errorf("the identity must be a client, a peer, an orderer or an admin identity to be valid, not a combination of them. OUs: [%v], MSP: [%s]", id.GetOrganizationalUnits(), msp.name)
}

return nil
Expand Down
56 changes: 56 additions & 0 deletions msp/nodeous_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -268,3 +268,59 @@ func TestLoad142MSPWithInvalidAdminConfiguration(t *testing.T) {
// the configuration enables NodeOUs (with adminOU) but no valid identifier for the AdminOU
getLocalMSPWithVersionErr(t, "testdata/nodeouadmin3", MSPv1_4_3, "invalid admin ou configuration, nil.")
}

func TestSatisfiesPrincipalOrderer(t *testing.T) {
// testdata/nodeouorderer:
// the configuration enables NodeOUs (with orderOU)
thisMSP := getLocalMSPWithVersion(t, "testdata/nodeouorderer", MSPv1_4_3)
assert.True(t, thisMSP.(*bccspmsp).ouEnforcement)

id, err := thisMSP.(*bccspmsp).GetDefaultSigningIdentity()
assert.NoError(t, err)

principalBytes, err := proto.Marshal(&msp.MSPRole{Role: msp.MSPRole_ORDERER, MspIdentifier: "SampleOrg"})
assert.NoError(t, err)
principal := &msp.MSPPrincipal{
PrincipalClassification: msp.MSPPrincipal_ROLE,
Principal: principalBytes}
err = id.SatisfiesPrincipal(principal)
assert.NoError(t, err)
}

func TestLoad142MSPWithInvalidOrdererConfiguration(t *testing.T) {
// testdata/nodeouorderer2:
// the configuration enables NodeOUs (with orderOU) but no valid identifier for the OrdererOU
thisMSP := getLocalMSPWithVersion(t, "testdata/nodeouorderer2", MSPv1_4_3)
conf, err := GetLocalMspConfig("testdata/nodeouorderer2", nil, "SampleOrg")
assert.NoError(t, err)

id, err := thisMSP.(*bccspmsp).GetDefaultSigningIdentity()
assert.NoError(t, err)

principalBytes, err := proto.Marshal(&msp.MSPRole{Role: msp.MSPRole_ORDERER, MspIdentifier: "SampleOrg"})
assert.NoError(t, err)
principal := &msp.MSPPrincipal{
PrincipalClassification: msp.MSPPrincipal_ROLE,
Principal: principalBytes}
err = id.SatisfiesPrincipal(principal)
assert.Error(t, err)
assert.Equal(t, "The identity is not a [ORDERER] under this MSP [SampleOrg]: cannot test for orderer ou classification, node ou for orderers not defined", err.Error())

// testdata/nodeouorderer3:
// the configuration enables NodeOUs (with orderOU) but no valid identifier for the OrdererOU
thisMSP = getLocalMSPWithVersion(t, "testdata/nodeouorderer3", MSPv1_4_3)

err = thisMSP.Setup(conf)
assert.NoError(t, err)
id, err = thisMSP.(*bccspmsp).GetDefaultSigningIdentity()
assert.NoError(t, err)

principalBytes, err = proto.Marshal(&msp.MSPRole{Role: msp.MSPRole_ORDERER, MspIdentifier: "SampleOrg"})
assert.NoError(t, err)
principal = &msp.MSPPrincipal{
PrincipalClassification: msp.MSPPrincipal_ROLE,
Principal: principalBytes}
err = id.SatisfiesPrincipal(principal)
assert.Error(t, err)
assert.Equal(t, "The identity is not a [ORDERER] under this MSP [SampleOrg]: cannot test for orderer ou classification, node ou for orderers not defined", err.Error())
}
3 changes: 3 additions & 0 deletions msp/testdata/nodeouadmin/config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,3 +9,6 @@ NodeOUs:
AdminOUIdentifier:
Certificate: cacerts/ca.org1.example.com-cert.pem
OrganizationalUnitIdentifier: admin
OrdererOUIdentifier:
Certificate: cacerts/ca.example.com-cert.pem
OrganizationalUnitIdentifier: orderer
3 changes: 3 additions & 0 deletions msp/testdata/nodeouadmin2/config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,3 +9,6 @@ NodeOUs:
AdminOUIdentifier:
Certificate: cacerts/ca.org1.example.com-cert.pem
OrganizationalUnitIdentifier:
OrdererOUIdentifier:
Certificate: cacerts/ca.example.com-cert.pem
OrganizationalUnitIdentifier: orderer
5 changes: 4 additions & 1 deletion msp/testdata/nodeouadmin3/config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,4 +5,7 @@ NodeOUs:
OrganizationalUnitIdentifier: client
PeerOUIdentifier:
Certificate: cacerts/ca.org1.example.com-cert.pem
OrganizationalUnitIdentifier: peer
OrganizationalUnitIdentifier: peer
OrdererOUIdentifier:
Certificate: cacerts/ca.example.com-cert.pem
OrganizationalUnitIdentifier: orderer
14 changes: 14 additions & 0 deletions msp/testdata/nodeouorderer/admincerts/Admin@example.com-cert.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
-----BEGIN CERTIFICATE-----
MIICGzCCAcKgAwIBAgIRAN5DkOBs583C+swyjC7nHS0wCgYIKoZIzj0EAwIwaTEL
MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG
cmFuY2lzY28xFDASBgNVBAoTC2V4YW1wbGUuY29tMRcwFQYDVQQDEw5jYS5leGFt
cGxlLmNvbTAeFw0xOTA3MDQxNjI3MDBaFw0yOTA3MDExNjI3MDBaMGcxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNp
c2NvMQ8wDQYDVQQLEwZjbGllbnQxGjAYBgNVBAMMEUFkbWluQGV4YW1wbGUuY29t
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE3H+SsKIPqOTCn2YBHDYTkgsvYtr0
6Kz3mEp4jfNmRt0Mz/Sjyg+E3AUjBah/Qj6WBqVYhmJeFsMoNvk8OhdHg6NNMEsw
DgYDVR0PAQH/BAQDAgeAMAwGA1UdEwEB/wQCMAAwKwYDVR0jBCQwIoAg3+GALQue
CGamN/C2yq8S+ET/YsjAltoJS2hjlwUXxZ8wCgYIKoZIzj0EAwIDRwAwRAIgXvE1
Dsw0Vd2Tz+mxCfyf62lzQ8IN2BE4qsEQNgcsL94CIH26gcvFF7u0j+FVkjA4Awuq
10yaq8RzytoLpOz4SDkw
-----END CERTIFICATE-----
15 changes: 15 additions & 0 deletions msp/testdata/nodeouorderer/cacerts/ca.example.com-cert.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
-----BEGIN CERTIFICATE-----
MIICPzCCAeSgAwIBAgIRAONi5v8ImyejqCrCatbAW1QwCgYIKoZIzj0EAwIwaTEL
MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG
cmFuY2lzY28xFDASBgNVBAoTC2V4YW1wbGUuY29tMRcwFQYDVQQDEw5jYS5leGFt
cGxlLmNvbTAeFw0xOTA3MDQxNjI3MDBaFw0yOTA3MDExNjI3MDBaMGkxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNp
c2NvMRQwEgYDVQQKEwtleGFtcGxlLmNvbTEXMBUGA1UEAxMOY2EuZXhhbXBsZS5j
b20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQAfjOlLCdB/6SsdPlbDHUsdK+b
gRuEN38QOFZ0Ws3aFAsER8ImqV3UIlsbKi5JnDs+OQnzrr3hrKA8downRRy/o20w
azAOBgNVHQ8BAf8EBAMCAaYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMB
MA8GA1UdEwEB/wQFMAMBAf8wKQYDVR0OBCIEIN/hgC0LnghmpjfwtsqvEvhE/2LI
wJbaCUtoY5cFF8WfMAoGCCqGSM49BAMCA0kAMEYCIQDhhgAHx0l7V5uAG2hATgCs
bvsbHiJpHUtiK7f1Qfxf2AIhANeukSgRU+AeGSzyVmAOKhIUS+grsPyspksUwVvB
ehXv
-----END CERTIFICATE-----
14 changes: 14 additions & 0 deletions msp/testdata/nodeouorderer/config.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
NodeOUs:
Enable: true
ClientOUIdentifier:
Certificate: cacerts/ca.example.com-cert.pem
OrganizationalUnitIdentifier: client
PeerOUIdentifier:
Certificate: cacerts/ca.example.com-cert.pem
OrganizationalUnitIdentifier: peer
AdminOUIdentifier:
Certificate: cacerts/ca.example.com-cert.pem
OrganizationalUnitIdentifier: admin
OrdererOUIdentifier:
Certificate: cacerts/ca.example.com-cert.pem
OrganizationalUnitIdentifier: orderer
5 changes: 5 additions & 0 deletions msp/testdata/nodeouorderer/keystore/priv_sk
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg3XkpMssR+HPUfA+C
SvrEalkm9qz1RvDZzWpeJZJgzHuhRANCAATttnug4BR0dA3fL8XFWdcAz2KBYXNu
o1ZoZtYoXuTBQmIAp9gzE3n4WZlx1Q20auf3LyheORimUmRokuMkzDBd
-----END PRIVATE KEY-----
14 changes: 14 additions & 0 deletions msp/testdata/nodeouorderer/signcerts/orderer.example.com-cert.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
-----BEGIN CERTIFICATE-----
MIICHjCCAcSgAwIBAgIQSEQ9WMdyikoUBDZC1SCNYjAKBggqhkjOPQQDAjBpMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy
YW5jaXNjbzEUMBIGA1UEChMLZXhhbXBsZS5jb20xFzAVBgNVBAMTDmNhLmV4YW1w
bGUuY29tMB4XDTE5MDcwNDE2MjcwMFoXDTI5MDcwMTE2MjcwMFowajELMAkGA1UE
BhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFuY2lz
Y28xEDAOBgNVBAsTB29yZGVyZXIxHDAaBgNVBAMTE29yZGVyZXIuZXhhbXBsZS5j
b20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATttnug4BR0dA3fL8XFWdcAz2KB
YXNuo1ZoZtYoXuTBQmIAp9gzE3n4WZlx1Q20auf3LyheORimUmRokuMkzDBdo00w
SzAOBgNVHQ8BAf8EBAMCB4AwDAYDVR0TAQH/BAIwADArBgNVHSMEJDAigCDf4YAt
C54IZqY38LbKrxL4RP9iyMCW2glLaGOXBRfFnzAKBggqhkjOPQQDAgNIADBFAiEA
6moSx8Ny5hOtKgR5ixwMclqefiFDW5p1OQ1mOakYe3MCIGuqooZlekXL/xCVpuNZ
V4ODyvgvMEgQBg7lpg7RapWZ
-----END CERTIFICATE-----
15 changes: 15 additions & 0 deletions msp/testdata/nodeouorderer/tlscacerts/tlsca.example.com-cert.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
-----BEGIN CERTIFICATE-----
MIICRTCCAeqgAwIBAgIRAJCUl0CdwlkfiNTXt/gxVlgwCgYIKoZIzj0EAwIwbDEL
MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG
cmFuY2lzY28xFDASBgNVBAoTC2V4YW1wbGUuY29tMRowGAYDVQQDExF0bHNjYS5l
eGFtcGxlLmNvbTAeFw0xOTA3MDQxNjI3MDBaFw0yOTA3MDExNjI3MDBaMGwxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJh
bmNpc2NvMRQwEgYDVQQKEwtleGFtcGxlLmNvbTEaMBgGA1UEAxMRdGxzY2EuZXhh
bXBsZS5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASiqvojiDlos4TH6hOh
2Sg16UMVs4xG/s6M0MxICfAJSkwD3PRwKOinv8wD7OT7FxevPa6THKZONsXJwhWR
Lbero20wazAOBgNVHQ8BAf8EBAMCAaYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsG
AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wKQYDVR0OBCIEIEcM31EymEUj64aNdHFZ
0OCICQC3vXXeGLXrrc28liw6MAoGCCqGSM49BAMCA0kAMEYCIQCgfmcPMxf8ojnD
UbfnxXFHHHqAQ03X+bISVaKVtpcqjwIhAOwrN+SL40ORnkRgKBzyL8SzyiDXwqf0
RqgngKsp/XOT
-----END CERTIFICATE-----
Loading

0 comments on commit 762f3c5

Please sign in to comment.