Skip to content
This repository was archived by the owner on Aug 7, 2019. It is now read-only.

Having issues connecting to membershipservice with HFC v0.6.2 #45

Closed
nemes1s opened this issue Sep 28, 2016 · 2 comments
Closed

Having issues connecting to membershipservice with HFC v0.6.2 #45

nemes1s opened this issue Sep 28, 2016 · 2 comments

Comments

@nemes1s
Copy link

nemes1s commented Sep 28, 2016
edited
Loading

Hello everyone! Trying to enroll user to bluemix membership service and keep getting code:2 error. Please help!
(the certificate is there and readable, errors would have risen otherwise)

Current test code:

var hfc = require('hfc');
var fs = require('fs');

// Create a client chain.
var chain = hfc.newChain("targetChain");
// Configure the KeyValStore which is used to store sensitive keys
// as so it is important to secure this storage.
chain.setKeyValStore(hfc.newFileKeyValStore('keyValStore-5874db24'));
var cert = fs.readFileSync('certificate.pem');

// Set the URL for member services
chain.setMemberServicesUrl("grpcs://5874db24-************_ca.us.blockchain.ibm.com:30303", {
    pem: cert
});

// Add a peer's URL
chain.addPeer("grpcs://5874db24-*************_vp0.us.blockchain.ibm.com:443", {pem: cert});

// Enroll "WebAppAdmin" which is already registered because it is
// listed in fabric/membersrvc/membersrvc.yaml with it's one time password.
chain.enroll("WebAppAdmin", "*****", function (err, webAppAdmin) {
    if (err) return console.log("ERROR: failed to register %s: %s", err);
    // Set this user as the chain's registrar which is authorized to register other users.
    chain.setRegistrar(webAppAdmin);
    // Begin listening for web app requests
    //  listenForUserRequests();
});

Console output:

>node hfc-test.js
  hfc Enrolling [req={"enrollmentID":"WebAppAdmin","enrollmentSecret":"****"}] +0ms
  hfc [MemberServicesImpl.enroll] [{"enrollmentID":"WebAppAdmin","enrollmentSecret":"****"}] +2ms
  hfc [MemberServicesImpl.enroll] Generating keys... +1ms
  hfc [MemberServicesImpl.enroll] Generating keys...done! +94ms
  hfc [MemberServicesImpl.enroll] Generating request! "3059301306072a8648ce3d020106082a8648ce3d0301070342000423c7c1f6635d6bda275af58774300d770ef36cdf2084f8e1792c4631698e53e9f3b634ace10f85663eadd6ee3e6682
fe2ed84bd4e73d994087e2e7f4082b92c6" +3ms
  hfc [MemberServicesImpl.enroll] Adding signing key! +1ms
  hfc [MemberServicesImpl.enroll] Assding encryption key! +0ms
  hfc [MemberServicesImpl.enroll] [Contact ECA] {"ts":{"seconds":{"low":1475072244,"high":0,"unsigned":false},"nanos":0},"id":{"id":"WebAppAdmin"},"tok":{"tok":{"buffer":{"type":"Buffer","data":[56,102,5
6,102,53,97,52,99,49,55]},"offset":0,"markedOffset":-1,"limit":10,"littleEndian":false,"noAssert":false}},"sign":{"type":0,"key":{"buffer":{"type":"Buffer","data":[48,89,48,19,6,7,42,134,72,206,61,2,1,6,
8,42,134,72,206,61,3,1,7,3,66,0,4,35,199,193,246,99,93,107,218,39,90,245,135,116,48,13,119,14,243,108,223,32,132,248,225,121,44,70,49,105,142,83,233,243,182,52,172,225,15,133,102,62,173,214,238,62,102,13
0,254,46,216,75,212,231,61,153,64,135,226,231,244,8,43,146,198]},"offset":0,"markedOffset":-1,"limit":91,"littleEndian":false,"noAssert":false}},"enc":{"type":0,"key":{"buffer":{"type":"Buffer","data":[4
8,89,48,19,6,7,42,134,72,206,61,2,1,6,8,42,134,72,206,61,3,1,7,3,66,0,4,27,107,88,55,155,33,168,93,186,55,75,39,143,244,148,172,181,209,159,88,189,236,16,123,61,145,123,7,193,78,179,194,3,109,52,160,108,
111,159,178,5,127,64,23,248,26,210,155,191,24,218,54,84,212,186,83,232,181,60,22,238,88,246,216]},"offset":0,"markedOffset":-1,"limit":91,"littleEndian":false,"noAssert":false}},"sig":null}  +0ms
  hfc [MemberServicesImpl.enroll] failed to create cert pair: err={"code":2,"metadata":{"_internal_repr":{}}} +1s
  hfc [memberServices.enroll] err=Error: Identity or token does not match., enrollment=undefined +0ms
ERROR: failed to register Error: Identity or token does not match.: %s
@angrbrd
Copy link

angrbrd commented Sep 29, 2016

Hi @nemes1s

There are a couple things that I am seeing here as possibilities.

First of all, if you are using the Bluemix network as your backend, then you should be using the latest version of 0.5.x of hfc, as the Bluemix network is running the 0.5-developer-preview branch of Hyperledger fabric. So please switch to using hfc@0.5.3 if you will continue to run against Bluemix.

Furthermore, please make sure that the enrollment password that you are using for WebAppAdmin is the correct one, which is passed back to you from Bluemix when you deploy the network.

Lastly, regarding your specific error message: Identity or token does not match. In the vast majority of cases that indicates that your local KeyValStore and the remote membership service database are out of sync. That typically means that you have tried to enroll before, but subsequently deleted your local crypto material. Keep in mind that the enrollment process with membership services works only once. If you have successfully enrolled once and then deleted the locally stored crypto, you will not be able to enroll again. That essentially renders your network useless as the WebAppAdmin user will not able to enroll. The advice here is to tear down the existing network and deploy a new one, obtain the new credentials from Bluemix, and enroll one again.

Please give these suggestions a try and let me know if you're able to make progress.

Thanks!

@nemes1s
Copy link
Author

nemes1s commented Oct 3, 2016

Thanks a lot! The progress have been made with new blockchain instance in bluemix.

@nemes1s nemes1s closed this as completed Oct 3, 2016
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nemes1s @angrbrd