Findings of the fabric cryptogen

Hyperledger fabric cryptongen is an utility to generate a set of certificates and private keys. It will take a yaml file normally named crypto-config.yaml to produce a set of files. Here is a structure for an organization.

Each ca should have its cert and private key.

Each org (peer or orderer org) should have its admin user and other users.

Each node (peer or orderer node) should have its signcert and private key (file in keystore directory).

Directories such as admincerts, cacerts and tlscacerts under each peer or orderer node msp directory contain admin cert, ca cert and tls ca certs.

Either a user or node (peer or orderer node) should also have its tls directory which is parallel to msp directory. tls directory contains ca.crt, server.crt and server.key


started in version 1.4.3, cryptogen no longer places the admin cert in the admincert folder under any msp directory. Even though the direcctory still gets created, it remains empty.