1. admincert.pem and peer.pem (the signcerts) are the same file.
2. config.yaml file contains things almost hardcoded.
3. key.pem is the private key to admincert.pem
Here are more detailed structures in terms of the various certificates for an org and the node in the org.
The following chart shows the various certs for an organization. There should be ca, tlsca and msp. ca and tlsca should be consist of a cert and its private key. The msp should contain its admin cert, ca cert and tlscacert. The ca cert and tlscacert under msp should be the same as in ca and tlsca. All these certs organized just to make sure that the msp directory contains necessary files which can be distributed. The ca and tlsca directory also contains the private key which should not be distributed. Also notice that the ca/ca.ordererorg-cert.pem is the same file as in msp/cacerts/ca.ordererorg-cert.pem (green boxed), and tlsca/tlsca.ordererorg-cert.pem is the same file as in msp/tlscacerts/tlsca.orderorg-cert.pem (red boxed)
the followingchart shows the various certs for a node within an organization.
1. There are two top directories, msp and tls
2. msp contains materials which a node (orderer or peer) msp configuration should point to. This directory also contains the organization ca certs
3. signcerts is the signing cert for the node, the keystore direcotry contains the private key for the signing cert.
4. tls contains the tls cert and key, tls/ca.crt is the same file as in organization's tlsca cert. Notice that tlsca file contained in two different directories even though they are the same file (red boxed).
Any thing that labeled ca will be the same as in the organization's certificates.
No comments:
Post a Comment