creating orderer genesis block without cryptogen

1
votes

I am currently trying to build a production hyperledger-fabric setup. Therefore I am using a CA instead of cryptogen. My structure looks like this:

  • orderer
  • org1
    • peer0.org1
    • peer1.org1
  • org2
    • peer0.org2
    • peer1.org2

and I have 2 CAs (1 for every org). I have registered and enrolled orderer, peer0.org1, peer1.org1 and Org1Admin @CA1 and peer0.org2, peer1.org2 and Org2Admin @CA2. The orderer has ROOT_CERTS of both CAs.

But how can I create the orderer genesis block based of those MSPs? The configtx.yaml asks for an 'MSPDir' when describing the organizations, but I don't have an MSP directory for the organization itself, I only got the MSPs of the identites. Do I have to set up a specific folder structure for this?

2
sslhyperledger-fabrichyperledger-fabric-ca

2 Answers

2
votes

you should create a msp directory for each of the organizations, including admincerts and cacerts.

if your tls is enable, you need tlscacerts.

if you have Intermediate CA, you need intermediatecerts too.

you can read this document for complete information.

1
votes

You need to manually setup the MSP folder structure for an organization. Typically for any organization without TLS enabled and no Intermediate CA, it should have cacerts folder, admincerts folder. cacerts folder root CA certificates, admin certs hold the admin certificates for that organization.

You need to point MSPDir in configtx.yaml to this organization msp folder.