在docker-compose-cli.yaml , peer-base.yaml和docker-compose-base.yaml配置文件中找到关于cli,order和peer的tls配置,把TLS_ENABLED改为true.然后下面的证书,私钥和根证书的路径改为本项目中crypto-config下面的文件.
cli和peer:
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.wisedu.com/peers/peer0.org1.wisedu.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.wisedu.com/peers/peer0.org1.wisedu.com
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.wisedu.com/peers/peer0.org1.wisedu.com/tls/ca.crt
orderer:
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt
我们发现上面的路径并不是项目下的路径,因为volumes下面把本地路径映射成了docker的虚拟路径,通过虚拟路径找到对应的本地路径就能找到证书和私钥
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/org1.wisedu.com/peers/peer0.org1.wisedu.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/org1.wisedu.com/peers/peer0.org1.wisedu.com/tls:/etc/hyperledger/fabric/tls