-
-
Save bellaj/9b31660a7ac45671b518cb3cc5eff048 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
function createOrg1() { | |
infoln "reenrolling the CA admin" | |
mkdir -p organizations/peerOrganizations/org1.example.com/ | |
export FABRIC_CA_CLIENT_HOME=${PWD}/organizations/peerOrganizations/org1.example.com/ | |
set -x | |
fabric-ca-client reenroll --csr.keyrequest.reusekey -u https://admin:adminpw@localhost:7054 --caname ca-org1 --tls.certfiles "${PWD}/organizations/fabric-ca/org1/ca-cert.pem" | |
{ set +x; } 2>/dev/null | |
# Since the CA serves as both the organization CA and TLS CA, copy the org's root cert that was generated by CA startup into the org level ca and tlsca directories | |
# Copy org1's CA cert to org1's /msp/tlscacerts directory (for use in the channel MSP definition) | |
mkdir -p "${PWD}/organizations/peerOrganizations/org1.example.com/msp/tlscacerts" | |
cp "${PWD}/organizations/fabric-ca/org1/ca-cert.pem" "${PWD}/organizations/peerOrganizations/org1.example.com/msp/tlscacerts/ca.crt" | |
# Copy org1's CA cert to org1's /tlsca directory (for use by clients) | |
mkdir -p "${PWD}/organizations/peerOrganizations/org1.example.com/tlsca" | |
cp "${PWD}/organizations/fabric-ca/org1/ca-cert.pem" "${PWD}/organizations/peerOrganizations/org1.example.com/tlsca/tlsca.org1.example.com-cert.pem" | |
# Copy org1's CA cert to org1's /ca directory (for use by clients) | |
mkdir -p "${PWD}/organizations/peerOrganizations/org1.example.com/ca" | |
cp "${PWD}/organizations/fabric-ca/org1/ca-cert.pem" "${PWD}/organizations/peerOrganizations/org1.example.com/ca/ca.org1.example.com-cert.pem" | |
infoln "Generating the peer0 msp" | |
set -x | |
fabric-ca-client reenroll --csr.keyrequest.reusekey -u https://peer0:peer0pw@localhost:7054 --caname ca-org1 -M "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp" --csr.hosts peer0.org1.example.com --tls.certfiles "${PWD}/organizations/fabric-ca/org1/ca-cert.pem" | |
{ set +x; } 2>/dev/null | |
cp "${PWD}/organizations/peerOrganizations/org1.example.com/msp/config.yaml" "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp/config.yaml" | |
infoln "Generating the peer0-tls certificates" | |
set -x | |
fabric-ca-client reenroll --csr.keyrequest.reusekey -u https://peer0:peer0pw@localhost:7054 --caname ca-org1 -M "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls" --enrollment.profile tls --csr.hosts peer0.org1.example.com --csr.hosts localhost --tls.certfiles "${PWD}/organizations/fabric-ca/org1/ca-cert.pem" | |
{ set +x; } 2>/dev/null | |
# Copy the tls CA cert, server cert, server keystore to well known file names in the peer's tls directory that are referenced by peer startup config | |
cp "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/tlscacerts/"* "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt" | |
cp "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/signcerts/"* "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt" | |
cp "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/keystore/"* "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key" | |
infoln "Generating the user msp" | |
set -x | |
fabric-ca-client reenroll --csr.keyrequest.reusekey -u https://user1:user1pw@localhost:7054 --caname ca-org1 -M "${PWD}/organizations/peerOrganizations/org1.example.com/users/User1@org1.example.com/msp" --tls.certfiles "${PWD}/organizations/fabric-ca/org1/ca-cert.pem" | |
{ set +x; } 2>/dev/null | |
cp "${PWD}/organizations/peerOrganizations/org1.example.com/msp/config.yaml" "${PWD}/organizations/peerOrganizations/org1.example.com/users/User1@org1.example.com/msp/config.yaml" | |
infoln "Generating the org admin msp" | |
set -x | |
fabric-ca-client reenroll --csr.keyrequest.reusekey -u https://org1admin:org1adminpw@localhost:7054 --caname ca-org1 -M "${PWD}/organizations/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp" --tls.certfiles "${PWD}/organizations/fabric-ca/org1/ca-cert.pem" | |
{ set +x; } 2>/dev/null | |
cp "${PWD}/organizations/peerOrganizations/org1.example.com/msp/config.yaml" "${PWD}/organizations/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp/config.yaml" | |
} | |
function createOrderer() { | |
infoln "reenrolling the CA admin" | |
mkdir -p organizations/ordererOrganizations/example.com | |
export FABRIC_CA_CLIENT_HOME=${PWD}/organizations/ordererOrganizations/example.com | |
set -x | |
fabric-ca-client reenroll --csr.keyrequest.reusekey -u https://admin:adminpw@localhost:9054 --caname ca-orderer --tls.certfiles "${PWD}/organizations/fabric-ca/ordererOrg/ca-cert.pem" | |
{ set +x; } 2>/dev/null | |
# Since the CA serves as both the organization CA and TLS CA, copy the org's root cert that was generated by CA startup into the org level ca and tlsca directories | |
# Copy orderer org's CA cert to orderer org's /msp/tlscacerts directory (for use in the channel MSP definition) | |
mkdir -p "${PWD}/organizations/ordererOrganizations/example.com/msp/tlscacerts" | |
cp "${PWD}/organizations/fabric-ca/ordererOrg/ca-cert.pem" "${PWD}/organizations/ordererOrganizations/example.com/msp/tlscacerts/tlsca.example.com-cert.pem" | |
# Copy orderer org's CA cert to orderer org's /tlsca directory (for use by clients) | |
mkdir -p "${PWD}/organizations/ordererOrganizations/example.com/tlsca" | |
cp "${PWD}/organizations/fabric-ca/ordererOrg/ca-cert.pem" "${PWD}/organizations/ordererOrganizations/example.com/tlsca/tlsca.example.com-cert.pem" | |
infoln "Generating the orderer msp" | |
set -x | |
fabric-ca-client reenroll --csr.keyrequest.reusekey -u https://orderer:ordererpw@localhost:9054 --caname ca-orderer -M "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp" --csr.hosts orderer.example.com --csr.hosts localhost --tls.certfiles "${PWD}/organizations/fabric-ca/ordererOrg/ca-cert.pem" | |
{ set +x; } 2>/dev/null | |
cp "${PWD}/organizations/ordererOrganizations/example.com/msp/config.yaml" "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/config.yaml" | |
infoln "Generating the orderer-tls certificates" | |
set -x | |
fabric-ca-client reenroll --csr.keyrequest.reusekey -u https://orderer:ordererpw@localhost:9054 --caname ca-orderer -M "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls" --enrollment.profile tls --csr.hosts orderer.example.com --csr.hosts localhost --tls.certfiles "${PWD}/organizations/fabric-ca/ordererOrg/ca-cert.pem" | |
{ set +x; } 2>/dev/null | |
# Copy the tls CA cert, server cert, server keystore to well known file names in the orderer's tls directory that are referenced by orderer startup config | |
cp "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/tlscacerts/"* "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/ca.crt" | |
cp "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/signcerts/"* "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt" | |
cp "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/keystore/"* "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.key" | |
# Copy orderer org's CA cert to orderer's /msp/tlscacerts directory (for use in the orderer MSP definition) | |
mkdir -p "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts" | |
cp "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/tlscacerts/"* "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem" | |
infoln "Generating the admin msp" | |
set -x | |
fabric-ca-client reenroll --csr.keyrequest.reusekey -u https://ordererAdmin:ordererAdminpw@localhost:9054 --caname ca-orderer -M "${PWD}/organizations/ordererOrganizations/example.com/users/Admin@example.com/msp" --tls.certfiles "${PWD}/organizations/fabric-ca/ordererOrg/ca-cert.pem" | |
{ set +x; } 2>/dev/null | |
cp "${PWD}/organizations/ordererOrganizations/example.com/msp/config.yaml" "${PWD}/organizations/ordererOrganizations/example.com/users/Admin@example.com/msp/config.yaml" | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment