On 9/30/19 9:21 AM, Marco Ippolito wrote:
> Hi Adrian,
> important update.
>
> After adding in fabric-ca-server-config.yaml
>
> ca:
> # Name of this CA
> name: fabric_ca
> # Key file (is only used to import a private key into BCCSP)
> keyfile: /etc/ssl/private/fabric_ca.key
> # Certificate file (default: ca-cert.pem)
> certfile: /etc/ssl/certs/fabric_ca.pem
> # Chain file
> chainfile:
>
> Now I get this message:
>
> (base) marco@pc:~/fabric/fabric-ca$ fabric-ca-server init -b admin:adminpw
> 2019/09/30 18:10:41 [INFO] Configuration file location:
> /home/marco/fabric/fabric-ca/fabric-ca-server-config.yaml
> 2019/09/30 18:10:41 [INFO] Server Version: 1.4.4
> 2019/09/30 18:10:41 [INFO] Server Levels: &{Identity:2 Affiliation:1
> Certificate:1 Credential:1 RAInfo:1 Nonce:1}
> 2019/09/30 18:10:41 [INFO] The CA key and certificate files already exist
> 2019/09/30 18:10:41 [INFO] Key file location: /etc/ssl/private/fabric_ca.key
> 2019/09/30 18:10:41 [INFO] Certificate file location:
> /etc/ssl/certs/fabric_ca.pem
> 2019/09/30 18:10:41 [FATAL] Initialization failure: Validation of
> certificate and key failed: Invalid certificate in file
> '/etc/ssl/certs/fabric_ca.pem': No usage specified for certificate
>
> This is the start of /etc/ssl/certs/fabric_ca.pem:
>
> -----BEGIN CERTIFICATE-----
> MIIDlTCCAn2gAwIBAgIUCm243lybs0PNfAEdgbuw0chmjWkwDQYJKoZIhvcNAQEL
>
> and this is its end:
> xNItFJulgsA1
> -----END CERTIFICATE-----
>
> What does it mean "No usage specified for certificate" ?
>
I have no idea. Per my post upstream I would test your Postgres setup
first without bringing in the fabric server:
psql "host=localhost port=5433 dbname=fabmnet_ca user=postgres
sslmode=require"
Changing sslmode to whatever you need.
--
Adrian Klaver
adrian.klaver@aklaver.com