Enable mutual TLS #35

guoger · 2020-07-16T13:44:32Z

No description provided.

SamYuan1990 · 2020-07-30T03:06:13Z

Will check this one and try with pr in weekend.

SamYuan1990 · 2020-07-31T13:12:04Z

According to https://github.com/hyperledger/fabric/blob/master/internal/peer/common/peerclient.go#L53
and
https://hyperledger-fabric.readthedocs.io/en/release-2.1/commands/peercommand.html?highlight=mutual%20TLS#usage

it seems we just need to add

		RequireClientCert: true,

as option when create client.

I suppose we don't have test-network supports mutual TLS(I will have an attempt)
but according to
https://hyperledger-fabric.readthedocs.io/en/release-2.1/enable_tls.html?highlight=mutual%20TLS#configuring-tls-for-peers-nodes
it seems we need to upgrade peer server and cli with

CORE_PEER_TLS_CLIENTAUTHREQUIRED = true

pls review it and if it's good enough, I will move forward.

SamYuan1990 · 2020-08-03T14:10:16Z

Ref to fabric code,
https://github.com/hyperledger/fabric/blob/master/internal/pkg/comm/server.go#L105

so we adding this logic in mock server to test with mutual tls?
the server tls file generated by test-network?

Adding parameter for mock server Fixs guoger/stupid/Hyperledger-TWGC#35 Signed-off-by: SamYuan1990 <yy19902439@126.com>

Adding parameter for mock server add mtls for mock server according to grpc/grpc-go#403 using mtls when create grpc connection Refactor using node as parameter Fixs guoger/stupid/Hyperledger-TWGC#35 Signed-off-by: SamYuan1990 <yy19902439@126.com>

Adding parameter for mock server add mtls for mock server according to grpc/grpc-go#403 using mtls when create grpc connection Refactor using node as parameter Fixs Hyperledger-TWGC#35 Signed-off-by: SamYuan1990 <yy19902439@126.com>

Adding parameter for mock server add mtls for mock server according to grpc/grpc-go#403 using mtls when create grpc connection Refactor using node as parameter Mock server test refactor with gexec Fixs Hyperledger-TWGC#35 Signed-off-by: SamYuan1990 <yy19902439@126.com>

Adding parameter for mock server add mtls for mock server according to grpc/grpc-go#403 using mtls when create grpc connection Refactor using node as parameter Mock server test refactor with gexec fix Hyperledger-TWGC#35 Signed-off-by: SamYuan1990 <yy19902439@126.com> Signed-off-by: Jay Guo <guojiannan1101@gmail.com>

Adding parameter for mock server add mtls for mock server according to grpc/grpc-go#403 using mtls when create grpc connection Refactor using node as parameter Mock server test refactor with gexec fix #35 Signed-off-by: SamYuan1990 <yy19902439@126.com> Signed-off-by: Jay Guo <guojiannan1101@gmail.com>

guoger assigned SamYuan1990 Jul 30, 2020

SamYuan1990 added a commit to SamYuan1990/tape that referenced this issue Aug 7, 2020

Enable mTLS

6d9bab1

Adding parameter for mock server Fixs guoger/stupid/Hyperledger-TWGC#35 Signed-off-by: SamYuan1990 <yy19902439@126.com>

SamYuan1990 mentioned this issue Aug 7, 2020

Enable mTLS #58

Closed

SamYuan1990 added a commit to SamYuan1990/tape that referenced this issue Aug 8, 2020

Enable mTLS

a74637c

Adding parameter for mock server Fixs guoger/stupid/Hyperledger-TWGC#35 Signed-off-by: SamYuan1990 <yy19902439@126.com>

SamYuan1990 mentioned this issue Aug 8, 2020

Enable mTLS #59

Merged

guoger closed this as completed in 54c3ee3 Aug 22, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Enable mutual TLS #35

Enable mutual TLS #35

guoger commented Jul 16, 2020

SamYuan1990 commented Jul 30, 2020

SamYuan1990 commented Jul 31, 2020

SamYuan1990 commented Aug 3, 2020

Enable mutual TLS #35

Enable mutual TLS #35

Comments

guoger commented Jul 16, 2020

SamYuan1990 commented Jul 30, 2020

SamYuan1990 commented Jul 31, 2020

SamYuan1990 commented Aug 3, 2020