You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
221 lines
7.1 KiB
221 lines
7.1 KiB
|
|
version: 1.0.0
|
|
|
|
client:
|
|
|
|
organization: org1
|
|
|
|
logging:
|
|
level: info
|
|
|
|
cryptoconfig:
|
|
path: /root/go/src/education/fixtures/crypto-config
|
|
|
|
credentialStore:
|
|
|
|
path: "/tmp/state-store"
|
|
|
|
cryptoStore:
|
|
# Specific to the underlying KeyValueStore that backs the crypto key store.
|
|
path: /tmp/msp
|
|
|
|
BCCSP:
|
|
security:
|
|
enabled: true
|
|
default:
|
|
provider: "SW"
|
|
hashAlgorithm: "SHA2"
|
|
softVerify: true
|
|
level: 256
|
|
|
|
tlsCerts:
|
|
# [Optional]. Use system certificate pool when connecting to peers, orderers (for negotiating TLS) Default: false
|
|
systemCertPool: true
|
|
|
|
# [Optional]. Client key and cert for TLS handshake with peers and orderers
|
|
client:
|
|
key:
|
|
path: /root/go/src/education/fixtures/crypto-config/peerOrganizations/org1.example.com/users/User1@org1.example.com/tls/client.key
|
|
cert:
|
|
path: /root/go/src/education/fixtures/crypto-config/peerOrganizations/org1.example.com/users/User1@org1.example.com/tls/client.crt
|
|
|
|
|
|
channels:
|
|
|
|
|
|
|
|
# multi-org test channel
|
|
mychannel:
|
|
|
|
|
|
peers:
|
|
peer0.org1.example.com:
|
|
endorsingPeer: true
|
|
chaincodeQuery: true
|
|
ledgerQuery: true
|
|
eventSource: true
|
|
|
|
|
|
peer1.org1.example.com:
|
|
endorsingPeer: true
|
|
chaincodeQuery: true
|
|
ledgerQuery: true
|
|
eventSource: true
|
|
|
|
policies:
|
|
queryChannelConfig:
|
|
minResponses: 1
|
|
maxTargets: 1
|
|
retryOpts:
|
|
attempts: 5
|
|
initialBackoff: 500ms
|
|
maxBackoff: 5s
|
|
backoffFactor: 2.0
|
|
#
|
|
# list of participating organizations in this network
|
|
#
|
|
organizations:
|
|
org1:
|
|
mspid: Org1MSP
|
|
|
|
# This org's MSP store (absolute path or relative to client.cryptoconfig)
|
|
cryptoPath: peerOrganizations/org1.example.com/users/{username}@org1.example.com/msp
|
|
|
|
peers:
|
|
- peer0.org1.example.com
|
|
- peer1.org1.example.com
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# [Optional]. Certificate Authorities issue certificates for identification purposes in a Fabric based
|
|
# network. Typically certificates provisioning is done in a separate process outside of the
|
|
# runtime network. Fabric-CA is a special certificate authority that provides a REST APIs for
|
|
# dynamic certificate management (enroll, revoke, re-enroll). The following section is only for
|
|
# Fabric-CA servers.
|
|
|
|
|
|
# the profile will contain public information about organizations other than the one it belongs to.
|
|
# These are necessary information to make transaction lifecycles work, including MSP IDs and
|
|
# peers with a public URL to send transaction proposals. The file will not contain private
|
|
# information reserved for members of the organization, such as admin key and certificate,
|
|
# fabric-ca registrar enroll ID and secret, etc.
|
|
# org1:
|
|
# mspid: org1MSP
|
|
|
|
# This org's MSP store (absolute path or relative to client.cryptoconfig)
|
|
# cryptoPath: peerOrganizations/org1.example.com/users/{username}@org1.example.com/msp
|
|
|
|
# peers:
|
|
# - peer0.org1.example.com
|
|
|
|
|
|
|
|
# Orderer Org name
|
|
ordererorg:
|
|
# Membership Service Provider ID for this organization
|
|
mspID: OrdererMSP
|
|
|
|
# Needed to load users crypto keys and certs for this org (absolute path or relative to global crypto path, DEV mode)
|
|
cryptoPath: ordererOrganizations/example.com/users/{username}@example.com/msp
|
|
|
|
|
|
#
|
|
# List of orderers to send transaction and channel create/update requests to. For the time
|
|
# being only one orderer is needed. If more than one is defined, which one get used by the
|
|
# SDK is implementation specific. Consult each SDK's documentation for its handling of orderers.
|
|
#
|
|
orderers:
|
|
|
|
|
|
orderer.example.com:
|
|
# [Optional] Default: Infer from hostname
|
|
url: orderer.example.com:7050
|
|
|
|
# these are standard properties defined by the gRPC library
|
|
# they will be passed in as-is to gRPC client constructor
|
|
grpcOptions:
|
|
ssl-target-name-override: orderer.example.com
|
|
# These parameters should be set in coordination with the keepalive policy on the server,
|
|
# as incompatible settings can result in closing of connection.
|
|
# When duration of the 'keep-alive-time' is set to 0 or less the keep alive client parameters are disabled
|
|
keep-alive-time: 0s
|
|
keep-alive-timeout: 20s
|
|
keep-alive-permit: false
|
|
fail-fast: false
|
|
# allow-insecure will be taken into consideration if address has no protocol defined, if true then grpc or else grpcs
|
|
allow-insecure: false
|
|
|
|
tlsCACerts:
|
|
# Certificate location absolute path
|
|
path: /root/go/src/education/fixtures/crypto-config/ordererOrganizations/example.com/tlsca/tlsca.example.com-cert.pem
|
|
|
|
#
|
|
# List of peers to send various requests to, including endorsement, query
|
|
# and event listener registration.
|
|
#
|
|
peers:
|
|
|
|
|
|
peer0.org1.example.com:
|
|
# this URL is used to send endorsement and query requests
|
|
# [Optional] Default: Infer from hostname
|
|
url: peer0.org1.example.com:7051
|
|
grpcOptions:
|
|
ssl-target-name-override: peer0.org1.example.com
|
|
# These parameters should be set in coordination with the keepalive policy on the server,
|
|
# as incompatible settings can result in closing of connection.
|
|
# When duration of the 'keep-alive-time' is set to 0 or less the keep alive client parameters are disabled
|
|
keep-alive-time: 0s
|
|
keep-alive-timeout: 20s
|
|
keep-alive-permit: false
|
|
fail-fast: false
|
|
# allow-insecure will be taken into consideration if address has no protocol defined, if true then grpc or else grpcs
|
|
allow-insecure: false
|
|
#grpcOptions:
|
|
# ssl-target-name-override: peer0.org1.example.com
|
|
|
|
tlsCACerts:
|
|
# Certificate location absolute path
|
|
path: /root/go/src/education/fixtures/crypto-config/peerOrganizations/org1.example.com/tlsca/tlsca.org1.example.com-cert.pem
|
|
|
|
|
|
peer1.org1.example.com:
|
|
url: peer1.org1.example.com:9051
|
|
#grpcOptions:
|
|
# ssl-target-name-override: peer0.org1.example.com
|
|
grpcOptions:
|
|
ssl-target-name-override: peer1.org1.example.com
|
|
# These parameters should be set in coordination with the keepalive policy on the server,
|
|
# as incompatible settings can result in closing of connection.
|
|
# When duration of the 'keep-alive-time' is set to 0 or less the keep alive client parameters are disabled
|
|
keep-alive-time: 0s
|
|
keep-alive-timeout: 20s
|
|
keep-alive-permit: false
|
|
fail-fast: false
|
|
# allow-insecure will be taken into consideration if address has no protocol defined, if true then grpc or else grpcs
|
|
allow-insecure: false
|
|
tlsCACerts:
|
|
path: /root/go/src/education/fixtures/crypto-config/peerOrganizations/org1.example.com/tlsca/tlsca.org1.example.com-cert.pem
|
|
|
|
|
|
|
|
#
|
|
# Fabric-CA is a special kind of Certificate Authority provided by Hyperledger Fabric which allows
|
|
# certificate management to be done via REST APIs. Application may choose to use a standard
|
|
# Certificate Authority instead of Fabric-CA, in which case this section would not be specified.
|
|
#
|
|
entityMatchers:
|
|
peer:
|
|
|
|
- pattern: (\w+).org1.example.com:(\d+)
|
|
urlSubstitutionExp: ${1}.org1.example.com:${2}
|
|
sslTargetOverrideUrlSubstitutionExp: ${1}.org1.example.com
|
|
mappedHost: peer0.org1.example.com
|
|
|
|
|