Access denied: channel [] creator org unknown, creator is malformed) about 4host-swarm HOT 8 OPEN

Hello,
Did you manage to find any solution to this ?
I have the same problem.

from 4host-swarm.

Hi I'm David again,
No, I'm still stuck with TLS issues.
Have you managed to make any progress? Any help would be appreciated,
thank you!

from 4host-swarm.

In host 1 issue the following command :
docker execl cli peer version
If the version is 2.5.3 (latest) then in the hostn.yaml files add this
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/fabric/msp
as an environment variable to each peer.
Alternatively when spinning up the containers try to use the 2.4.9 image instead of latest (replace latest with 2.4.9).
Both of the solutions worked for me but went with the first since it uses the latest version

from 4host-swarm.

Hi thanks for the info.

Should I modify also this in the host1.yaml?

• CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/fabric/msp

And Should I add it as an enviroment variable inside of the peers??
because I only have one cli container in the host1 and I don't have it in the rest of the hostn.yaml.

Do you have your code in a public repo?

from 4host-swarm.

- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/fabric/msp should be added in each peer not the cli in the enviroment variables. My code is not in a public repo but here is a snipper of how each peer should be configured

  peer0.org1.example.com:
    container_name: peer0.org1.example.com
    extends:
      file:  base/peer-base.yaml
      service: peer-base
    environment:
      - CORE_PEER_ID=peer0.org1.example.com
      - CORE_PEER_ADDRESS=peer0.org1.example.com:7051
      - CORE_PEER_LISTENADDRESS=0.0.0.0:7051
      - CORE_PEER_CHAINCODEADDRESS=peer0.org1.example.com:7052
      - CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
      - CORE_PEER_GOSSIP_BOOTSTRAP=peer1.org1.example.com:8051
      - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.example.com:7051
      - CORE_PEER_LOCALMSPID=Org1MSP
      - CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/fabric/msp
    volumes:
      - /var/run/:/host/var/run/
      - ./crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp:/etc/hyperledger/fabric/msp
      - ./crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls:/etc/hyperledger/fabric/tls
      - peer0.org1.example.com:/var/hyperledger/production
    ports:
      - 7051:7051
    networks:
      - byfn

Notice the that - CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/fabric/msp is added in the peers enviroments. That should be done for each peer even if the peer belongs to a different host

from 4host-swarm.

Hi again,

I have added the - CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/fabric/msp to each peer.
And now I use the following commands to create the channel and join it and I have a TLS or certificate problem with the second peer, as you can see here:
david.casalod@bip-dev-04:~/go/src/github.com/david/fabric-samples-lastverion/hfabric_2hosts$ docker exec cli peer channel join -b mychannel.block 2023-08-24 08:43:36.979 UTC 0001 INFO [channelCmd] InitCmdFactory -> Endorser and orderer connections initialized 2023-08-24 08:43:37.314 UTC 0002 INFO [channelCmd] executeJoin -> Successfully submitted proposal to join channel david.casalod@bip-dev-04:~/go/src/github.com/david/fabric-samples-lastverion/hfabric_2hosts$ docker exec -e CORE_PEER_ADDRESS=peer0.org2.example.com:9051 -e CORE_PEER_LOCALMSPID="Org2MSP" -e CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt cli peer channel join -b mychannel.block 2023-08-24 08:54:17.068 UTC 0001 ERRO [comm.tls] ClientHandshake -> Client TLS handshake failed after 3.94643ms with error: tls: failed to verify certificate: x509: certificate signed by unknown authority (possibly because of "x509: ECDSA verification failure" while trying to verify candidate authority certificate "tlsca.org2.example.com") remoteaddress=10.0.2.34:9051 2023-08-24 08:54:18.083 UTC 0002 INFO [channelCmd] InitCmdFactory -> Endorser and orderer connections initialized Error: proposal failed (err: rpc error: code = Unknown desc = error validating proposal: access denied: channel [] creator org unknown, creator is malformed)

I am using this command:
docker exec -e CORE_PEER_ADDRESS=peer0.org2.example.com:9051 -e CORE_PEER_LOCALMSPID="Org2MSP" -e CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt cli peer channel join -b mychannel.block

How do you create the channel and join each peer?

Thanks so much

from 4host-swarm.

I would suggest regenerating the crypto materials using the version fabric runs inside the containers.
Run this command
docker exec cli peer version it should say 2.5.3 if you are using the latest version.
Then outside the containers regenerate the crypto materials using the 2.5.3 binaries (issue the same command to check, notice you have to add the fabric binaries to path so that you can run this commands)
The commands to generate the cryptos are the following.

cryptogen generate --config=./crypto-config.yaml

configtxgen -profile SampleMultiNodeEtcdRaft -channelID networkchannel -outputBlock ./channel-artifacts/genesis.block
configtxgen -profile TwoOrgsChannel -channelID mychannel -outputCreateChannelTx ./channel-artifacts/channel.tx
configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org1MSPanchors.tx -channelID mychannel -asOrg Org1MSP
configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org2MSPanchors.tx -channelID mychannel -asOrg Org2MSP

then share the crypto materials, crypto-config and channel-artifacts directories, to the other hosts bring them up and try to join the channel.

from 4host-swarm.

Hi,

After some time, I managed to get it working using the binary version and Fabric 2.2 or 2.3.
However, now I have a network of 2 hosts to which I have added CouchDB databases to be able to deploy a chaincode with private data and collections.

The problem is that this network works following the Medium tutorial, but only works with chaincodes that don't have collections. When I deploy my chaincode the following happens: it shows status 'valid' after sending for approval, but when I query to see the status it shows 'false':

ariuserbip@bippreproductionservices:~/fabric$ docker exec cli peer lifecycle chaincode approveformyorg --tls ... [rest of the command]
2023-09-13 11:13:11.978 UTC [cli.lifecycle.chaincode] setOrdererClient -> INFO 001 Retrieved channel (mychannel) orderer endpoint: orderer.example.com:7050
2023-09-13 11:13:14.189 UTC [chaincodeCmd] ClientWait -> INFO 002 txid [60197e99cbe58b5745600e1fdd1862a7e4e7dbb0f80770c026af2094cc66a8de] committed with status (VALID) at peer0.org1.example.com:7051

ariuserbip@bippreproductionservices:~/fabric$ docker exec -e CORE_PEER_MSPCONFIGPATH=... [rest of the command]
2023-09-13 11:13:29.091 UTC [cli.lifecycle.chaincode] setOrdererClient -> INFO 001 Retrieved channel (mychannel) orderer endpoint: orderer.example.com:7050
2023-09-13 11:13:31.271 UTC [chaincodeCmd] ClientWait -> INFO 002 txid [30727305a6de1af7e0f87ee2dcdf09028a97e461bc0699044576823b84df6770] committed with status (VALID) at peer0.org2.example.com:9051

ariuserbip@bippreproductionservices:~/fabric$ docker exec cli peer lifecycle chaincode checkcommitreadiness --channelID mychannel --name vdr-fabric-sc --version 1.0 --sequence 1 
Chaincode definition for chaincode 'vdr-fabric-sc', version '1.0', sequence '1' on channel 'mychannel' approval status by org:
Org1MSP: false
Org2MSP: false

Any help please?

from 4host-swarm.