-
Notifications
You must be signed in to change notification settings - Fork 712
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
release-2.2 mutual tls config key and peer property key not matching #260
Comments
By changing the code in NetworkConfig.java to match the certFile and keyFile key names, it works. I have tested with my local fix.
|
This looks like something that has never worked, and perhaps wasn't intended to. The change you refer to just introduced some new functionality and didn't change any existing property naming set by NetworkConfig. It seems by happy coincidence that it would provide the capability you are looking for too though. The Endpoint code is picking up properties set either explicitly if nodes are programmatically added, or from configuration and/or environment variables when nodes are added by service discovery, here:
Your suggested enhancement seems reasonable, although I think "tlsClientKeyFile", "tlsClientCertFile", "tlsClientKeyBytes" and "tlsClientCertBytes" would all need to change to the forms without the leading "tls" to match the Endpoint code. Note that these properties are also used in HFClient, here: fabric-sdk-java/src/main/java/org/hyperledger/fabric_ca/sdk/HFCAClient.java Lines 1620 to 1630 in 4d3cfc5
I think the changes required would be:
Would you like to implement these changes? |
Happy to do so. |
@bestbeforetoday I have made the changes, but it seems that I can't create a new pull request. Could you have a look? https://github.com/irririki/fabric-sdk-java-260
|
I think the problem might be that your repository is not a fork if this repository. The repository with your changes needs to be a fork of the repository to which you want to propose changes by creating a pull request. See the GitHub documentation on how to fork a repo. Then the documentation on creating a pull request from a fork. |
Here is the extraction from my connection profile:
and here is the code:
The problem happens at 2 places. The first one is:
where in NetworkConfig.java, it will put in props the key 'tlsClientKeyFile'.
See
fabric-sdk-java/src/main/java/org/hyperledger/fabric/sdk/NetworkConfig.java
Lines 845 to 862 in 3dfc858
This change was introduced since v2.2.4.
Then it goes on to the line:
where, in Endpoint.java, it tries to find 'clientKeyFile' in the properties
See
fabric-sdk-java/src/main/java/org/hyperledger/fabric/sdk/Endpoint.java
Lines 175 to 198 in 3dfc858
Since the property has a different name, the method return null, which results on the peer side returning an error saying the client didn't send the certificate.
The text was updated successfully, but these errors were encountered: