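Deploying fabric-ca and issuing certificates

1. Deploy with Docker containers (there are two ways to deploy: 1. command line; 2. Docker containers), with three root CAs: ca_org1, ca_org2 and ca_orderer: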

docker-compose-ca.yaml

# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#

version: '2'

services:

  ca_org1:
    image: hyperledger/fabric-ca:1.4
    environment:
      - FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
      - FABRIC_CA_SERVER_CA_NAME=ca-org1
      - FABRIC_CA_SERVER_TLS_ENABLED=true
      - FABRIC_CA_SERVER_PORT=7054
    ports:
      - "7054:7054"
    # -b sets the bootstrap admin identity and password (sample value here); -d turns on debug logging
    command: sh -c 'fabric-ca-server start -b admin:adminpw -d'
    volumes:
      - ./organizations/fabric-ca/org1:/etc/hyperledger/fabric-ca-server
    container_name: ca_org1

  ca_org2:
    image: hyperledger/fabric-ca:1.4
    environment:
      - FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
      - FABRIC_CA_SERVER_CA_NAME=ca-org2
      - FABRIC_CA_SERVER_TLS_ENABLED=true
      - FABRIC_CA_SERVER_PORT=8054
    ports:
      - "8054:8054"
    command: sh -c 'fabric-ca-server start -b admin:adminpw -d'
    volumes:
      - ./organizations/fabric-ca/org2:/etc/hyperledger/fabric-ca-server
    container_name: ca_org2

  ca_orderer:
    image: hyperledger/fabric-ca:1.4
    environment:
      - FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
      - FABRIC_CA_SERVER_CA_NAME=ca-orderer
      - FABRIC_CA_SERVER_TLS_ENABLED=true
      - FABRIC_CA_SERVER_PORT=9054
    ports:
      - "9054:9054"
    command: sh -c 'fabric-ca-server start -b admin:adminpw -d'
    volumes:
      - ./organizations/fabric-ca/ordererOrg:/etc/hyperledger/fabric-ca-server
    container_name: ca_orderer

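2. Edit the configuration file fabric-ca-server-config.yaml and change the database to mysql; for the path of the configuration file, see the volumes entries in docker-compose.

Example of the change for ca_org1; ca_org2 and ca_orderer are changed the same way: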

 

db:
  type: mysql
  datasource: root:password@tcp(10.20.31.113:3306)/ca_org1?parseTime=true
  tls:
      enabled: false
      certfiles:
      client:
        certfile:
        keyfile:

Note: the database configuration must be changed as follows, otherwise the error "Invalid default value for '<column name>'" is reported

sql_mode=ONLY_FULL_GROUP_BY,STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION

3. Command to start fabric-ca:

docker-compose -f docker-compose-ca.yaml up -d

The command to stop fabric-ca is: docker-compose -f docker-compose-ca.yaml down --volumes --remove-orphans

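4. Issue the certificates according to the Fabric network architecture diagram; the network structure of this example is shown in the figure below

Script for issuing the org1 organization certificates:

Script for issuing the org2 certificates: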

function createOrg2 {

  echo
  echo "Enroll the CA admin"
  echo
  mkdir -p organizations/peerOrganizations/org2.example.com/

  export FABRIC_CA_CLIENT_HOME=${PWD}/organizations/peerOrganizations/org2.example.com/
  set -x
  fabric-ca-client enroll -u https://admin:adminpw@localhost:8054 --caname ca-org2 --tls.certfiles ${PWD}/organizations/fabric-ca/org2/tls-cert.pem
  set +x

  # NodeOUs configuration for the organization MSP; the indentation inside the quotes is part of the YAML
  echo 'NodeOUs:
  Enable: true
  ClientOUIdentifier:
    Certificate: cacerts/localhost-8054-ca-org2.pem
    OrganizationalUnitIdentifier: client
  PeerOUIdentifier:
    Certificate: cacerts/localhost-8054-ca-org2.pem
    OrganizationalUnitIdentifier: peer
  AdminOUIdentifier:
    Certificate: cacerts/localhost-8054-ca-org2.pem
    OrganizationalUnitIdentifier: admin
  OrdererOUIdentifier:
    Certificate: cacerts/localhost-8054-ca-org2.pem
    OrganizationalUnitIdentifier: orderer' > ${PWD}/organizations/peerOrganizations/org2.example.com/msp/config.yaml

  echo
  echo "Register peer0"
  echo
  set -x
  fabric-ca-client register --caname ca-org2 --id.name peer0 --id.secret peer0pw --id.type peer --id.attrs '"hf.Registrar.Roles=peer"' --tls.certfiles ${PWD}/organizations/fabric-ca/org2/tls-cert.pem
  set +x
  echo
  echo "Register peer1"
  echo
  set -x
  fabric-ca-client register --caname ca-org2 --id.name peer1 --id.secret peer1pw --id.type peer --id.attrs '"hf.Registrar.Roles=peer"' --tls.certfiles ${PWD}/organizations/fabric-ca/org2/tls-cert.pem
  set +x

  echo
  echo "Register user"
  echo
  set -x
  fabric-ca-client register --caname ca-org2 --id.name user1 --id.secret user1pw --id.type client --id.attrs '"hf.Registrar.Roles=client"' --tls.certfiles ${PWD}/organizations/fabric-ca/org2/tls-cert.pem
  set +x

  echo
  echo "Register the org admin"
  echo
  set -x
  fabric-ca-client register --caname ca-org2 --id.name org2admin --id.secret org2adminpw --id.type admin --id.attrs '"hf.Registrar.Roles=admin"' --tls.certfiles ${PWD}/organizations/fabric-ca/org2/tls-cert.pem
  set +x

  mkdir -p organizations/peerOrganizations/org2.example.com/peers
  mkdir -p organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com
  mkdir -p organizations/peerOrganizations/org2.example.com/peers/peer1.org2.example.com

  echo
  echo "## Generate the peer0 msp"
  echo
  set -x
  fabric-ca-client enroll -u https://peer0:peer0pw@localhost:8054 --caname ca-org2 -M ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp --csr.hosts peer0.org2.example.com --tls.certfiles ${PWD}/organizations/fabric-ca/org2/tls-cert.pem
  set +x

  echo
  echo "## Generate the peer1 msp"
  echo
  set -x
  fabric-ca-client enroll -u https://peer1:peer1pw@localhost:8054 --caname ca-org2 -M ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/msp --csr.hosts peer1.org2.example.com --tls.certfiles ${PWD}/organizations/fabric-ca/org2/tls-cert.pem
  set +x

  # Each peer MSP gets the same NodeOUs configuration as the organization MSP
  cp ${PWD}/organizations/peerOrganizations/org2.example.com/msp/config.yaml ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp/config.yaml
  cp ${PWD}/organizations/peerOrganizations/org2.example.com/msp/config.yaml ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/msp/config.yaml

  echo
  echo "## Generate the peer0-tls certificates"
  echo
  set -x
  fabric-ca-client enroll -u https://peer0:peer0pw@localhost:8054 --caname ca-org2 -M ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls --enrollment.profile tls --csr.hosts peer0.org2.example.com --csr.hosts localhost --tls.certfiles ${PWD}/organizations/fabric-ca/org2/tls-cert.pem
  set +x
  echo
  echo "## Generate the peer1-tls certificates"
  echo
  set -x
  fabric-ca-client enroll -u https://peer1:peer1pw@localhost:8054 --caname ca-org2 -M ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/tls --enrollment.profile tls --csr.hosts peer1.org2.example.com --csr.hosts localhost --tls.certfiles ${PWD}/organizations/fabric-ca/org2/tls-cert.pem
  set +x

  # Copy the TLS CA certificate, server certificate and private key to fixed file names
  cp ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/tlscacerts/* ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt
  cp ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/signcerts/* ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.crt
  cp ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/keystore/* ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.key
  cp ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/tls/tlscacerts/* ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/tls/ca.crt
  cp ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/tls/signcerts/* ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/tls/server.crt
  cp ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/tls/keystore/* ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/tls/server.key

  mkdir ${PWD}/organizations/peerOrganizations/org2.example.com/msp/tlscacerts
  cp ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/tlscacerts/* ${PWD}/organizations/peerOrganizations/org2.example.com/msp/tlscacerts/ca.crt

  mkdir ${PWD}/organizations/peerOrganizations/org2.example.com/tlsca
  cp ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/tlscacerts/* ${PWD}/organizations/peerOrganizations/org2.example.com/tlsca/tlsca.org2.example.com-cert.pem

  mkdir ${PWD}/organizations/peerOrganizations/org2.example.com/ca
  cp ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp/cacerts/* ${PWD}/organizations/peerOrganizations/org2.example.com/ca/ca.org2.example.com-cert.pem

  mkdir -p organizations/peerOrganizations/org2.example.com/users
  mkdir -p organizations/peerOrganizations/org2.example.com/users/User1@org2.example.com

  echo
  echo "## Generate the user msp"
  echo
  set -x
  fabric-ca-client enroll -u https://user1:user1pw@localhost:8054 --caname ca-org2 -M ${PWD}/organizations/peerOrganizations/org2.example.com/users/User1@org2.example.com/msp --tls.certfiles ${PWD}/organizations/fabric-ca/org2/tls-cert.pem
  set +x

  mkdir -p organizations/peerOrganizations/org2.example.com/users/Admin@org2.example.com

  echo
  echo "## Generate the org admin msp"
  echo
  set -x
  fabric-ca-client enroll -u https://org2admin:org2adminpw@localhost:8054 --caname ca-org2 -M ${PWD}/organizations/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp --tls.certfiles ${PWD}/organizations/fabric-ca/org2/tls-cert.pem
  set +x

  cp ${PWD}/organizations/peerOrganizations/org2.example.com/msp/config.yaml ${PWD}/organizations/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp/config.yaml

}

Script for issuing the orderer certificates:

function createOrderer {

  echo
  echo "Enroll the CA admin"
  echo
  mkdir -p organizations/ordererOrganizations/example.com

  export FABRIC_CA_CLIENT_HOME=${PWD}/organizations/ordererOrganizations/example.com

  set -x
  fabric-ca-client enroll -u https://admin:adminpw@localhost:9054 --caname ca-orderer --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem
  set +x

  # NodeOUs configuration for the orderer organization MSP; the indentation inside the quotes is part of the YAML
  echo 'NodeOUs:
  Enable: true
  ClientOUIdentifier:
    Certificate: cacerts/localhost-9054-ca-orderer.pem
    OrganizationalUnitIdentifier: client
  PeerOUIdentifier:
    Certificate: cacerts/localhost-9054-ca-orderer.pem
    OrganizationalUnitIdentifier: peer
  AdminOUIdentifier:
    Certificate: cacerts/localhost-9054-ca-orderer.pem
    OrganizationalUnitIdentifier: admin
  OrdererOUIdentifier:
    Certificate: cacerts/localhost-9054-ca-orderer.pem
    OrganizationalUnitIdentifier: orderer' > ${PWD}/organizations/ordererOrganizations/example.com/msp/config.yaml

  echo
  echo "Register orderer"
  echo
  set -x
  fabric-ca-client register --caname ca-orderer --id.name orderer --id.secret ordererpw --id.type orderer --id.attrs '"hf.Registrar.Roles=orderer"' --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem
  set +x
  set -x
  fabric-ca-client register --caname ca-orderer --id.name orderer2 --id.secret orderer2pw --id.type orderer --id.attrs '"hf.Registrar.Roles=orderer"' --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem
  set +x
  set -x
  fabric-ca-client register --caname ca-orderer --id.name orderer3 --id.secret orderer3pw --id.type orderer --id.attrs '"hf.Registrar.Roles=orderer"' --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem
  set +x
  set -x
  fabric-ca-client register --caname ca-orderer --id.name orderer4 --id.secret orderer4pw --id.type orderer --id.attrs '"hf.Registrar.Roles=orderer"' --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem
  set +x
  set -x
  fabric-ca-client register --caname ca-orderer --id.name orderer5 --id.secret orderer5pw --id.type orderer --id.attrs '"hf.Registrar.Roles=orderer"' --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem
  set +x

  echo
  echo "Register the orderer admin"
  echo
  set -x
  fabric-ca-client register --caname ca-orderer --id.name ordererAdmin --id.secret ordererAdminpw --id.type admin --id.attrs '"hf.Registrar.Roles=admin"' --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem
  set +x

  mkdir -p organizations/ordererOrganizations/example.com/orderers

  mkdir -p organizations/ordererOrganizations/example.com/orderers/orderer.example.com
  mkdir -p organizations/ordererOrganizations/example.com/orderers/orderer2.example.com
  mkdir -p organizations/ordererOrganizations/example.com/orderers/orderer3.example.com
  mkdir -p organizations/ordererOrganizations/example.com/orderers/orderer4.example.com
  mkdir -p organizations/ordererOrganizations/example.com/orderers/orderer5.example.com

  echo
  echo "## Generate the orderer msp"
  echo
  set -x
  fabric-ca-client enroll -u https://orderer:ordererpw@localhost:9054 --caname ca-orderer -M ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp --csr.hosts orderer.example.com --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem
  set +x
  set -x
  fabric-ca-client enroll -u https://orderer2:orderer2pw@localhost:9054 --caname ca-orderer -M ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer2.example.com/msp --csr.hosts orderer2.example.com --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem
  set +x
  set -x
  fabric-ca-client enroll -u https://orderer3:orderer3pw@localhost:9054 --caname ca-orderer -M ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer3.example.com/msp --csr.hosts orderer3.example.com --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem
  set +x
  set -x
  fabric-ca-client enroll -u https://orderer4:orderer4pw@localhost:9054 --caname ca-orderer -M ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer4.example.com/msp --csr.hosts orderer4.example.com --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem
  set +x
  set -x
  fabric-ca-client enroll -u https://orderer5:orderer5pw@localhost:9054 --caname ca-orderer -M ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer5.example.com/msp --csr.hosts orderer5.example.com --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem
  set +x

  # Each orderer MSP gets the same NodeOUs configuration as the organization MSP
  cp ${PWD}/organizations/ordererOrganizations/example.com/msp/config.yaml ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/config.yaml
  cp ${PWD}/organizations/ordererOrganizations/example.com/msp/config.yaml ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer2.example.com/msp/config.yaml
  cp ${PWD}/organizations/ordererOrganizations/example.com/msp/config.yaml ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer3.example.com/msp/config.yaml
  cp ${PWD}/organizations/ordererOrganizations/example.com/msp/config.yaml ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer4.example.com/msp/config.yaml
  cp ${PWD}/organizations/ordererOrganizations/example.com/msp/config.yaml ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer5.example.com/msp/config.yaml

  echo
  echo "## Generate the orderer-tls certificates"
  echo
  set -x
  fabric-ca-client enroll -u https://orderer:ordererpw@localhost:9054 --caname ca-orderer -M ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls --enrollment.profile tls --csr.hosts orderer.example.com --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem
  set +x
  set -x
  fabric-ca-client enroll -u https://orderer2:orderer2pw@localhost:9054 --caname ca-orderer -M ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer2.example.com/tls --enrollment.profile tls --csr.hosts orderer2.example.com --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem
  set +x
  set -x
  fabric-ca-client enroll -u https://orderer3:orderer3pw@localhost:9054 --caname ca-orderer -M ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer3.example.com/tls --enrollment.profile tls --csr.hosts orderer3.example.com --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem
  set +x
  set -x
  fabric-ca-client enroll -u https://orderer4:orderer4pw@localhost:9054 --caname ca-orderer -M ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer4.example.com/tls --enrollment.profile tls --csr.hosts orderer4.example.com --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem
  set +x
  set -x
  fabric-ca-client enroll -u https://orderer5:orderer5pw@localhost:9054 --caname ca-orderer -M ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer5.example.com/tls --enrollment.profile tls --csr.hosts orderer5.example.com --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem
  set +x

  # Copy the TLS CA certificate, server certificate and private key of each orderer to fixed file names
  cp ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/tlscacerts/* ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/ca.crt
  cp ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/signcerts/* ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt
  cp ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/keystore/* ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.key

  cp ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer2.example.com/tls/tlscacerts/* ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer2.example.com/tls/ca.crt
  cp ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer2.example.com/tls/signcerts/* ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer2.example.com/tls/server.crt
  cp ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer2.example.com/tls/keystore/* ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer2.example.com/tls/server.key

  cp ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer3.example.com/tls/tlscacerts/* ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer3.example.com/tls/ca.crt
  cp ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer3.example.com/tls/signcerts/* ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer3.example.com/tls/server.crt
  cp ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer3.example.com/tls/keystore/* ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer3.example.com/tls/server.key

  cp ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer4.example.com/tls/tlscacerts/* ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer4.example.com/tls/ca.crt
  cp ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer4.example.com/tls/signcerts/* ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer4.example.com/tls/server.crt
  cp ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer4.example.com/tls/keystore/* ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer4.example.com/tls/server.key

  cp ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer5.example.com/tls/tlscacerts/* ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer5.example.com/tls/ca.crt
  cp ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer5.example.com/tls/signcerts/* ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer5.example.com/tls/server.crt
  cp ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer5.example.com/tls/keystore/* ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer5.example.com/tls/server.key

  mkdir ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts
  cp ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/tlscacerts/* ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
  mkdir ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer2.example.com/msp/tlscacerts
  cp ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer2.example.com/tls/tlscacerts/* ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer2.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
  mkdir ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer3.example.com/msp/tlscacerts
  cp ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer3.example.com/tls/tlscacerts/* ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer3.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
  mkdir ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer4.example.com/msp/tlscacerts
  cp ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer4.example.com/tls/tlscacerts/* ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer4.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
  mkdir ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer5.example.com/msp/tlscacerts
  cp ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer5.example.com/tls/tlscacerts/* ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer5.example.com/msp/tlscacerts/tlsca.example.com-cert.pem

  mkdir ${PWD}/organizations/ordererOrganizations/example.com/msp/tlscacerts
  cp ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/tlscacerts/* ${PWD}/organizations/ordererOrganizations/example.com/msp/tlscacerts/tlsca.example.com-cert.pem

  mkdir -p organizations/ordererOrganizations/example.com/users
  mkdir -p organizations/ordererOrganizations/example.com/users/Admin@example.com

  echo
  echo "## Generate the admin msp"
  echo
  set -x
  fabric-ca-client enroll -u https://ordererAdmin:ordererAdminpw@localhost:9054 --caname ca-orderer -M ${PWD}/organizations/ordererOrganizations/example.com/users/Admin@example.com/msp --tls.certfiles ${PWD}/organizations/fabric-ca/ordererOrg/tls-cert.pem
  set +x

  cp ${PWD}/organizations/ordererOrganizations/example.com/msp/config.yaml ${PWD}/organizations/ordererOrganizations/example.com/users/Admin@example.com/msp/config.yaml
}

5. Run the scripts to generate the certificates:

Run the following commands in the /root/ca directory:

. organizations/fabric-ca/registerOrg1.sh

createOrg1

. organizations/fabric-ca/registerOrg2.sh

createOrg2

. organizations/fabric-ca/registerOrderer.sh

createOrderer

6. Inspect the structure of the generated certificates:

organizations/peerOrganizations/
├── org1.example.com
│   ├── ca
│   │   └── ca.org1.example.com-cert.pem
│   ├── fabric-ca-client-config.yaml
│   ├── msp
│   │   ├── cacerts
│   │   │   └── localhost-7054-ca-org1.pem
│   │   ├── config.yaml
│   │   ├── IssuerPublicKey
│   │   ├── IssuerRevocationPublicKey
│   │   ├── keystore
│   │   │   └── 7f6bafca12f99f05fee83492cd9c8de936296cdde68f47ac44379754be17cddc_sk
│   │   ├── signcerts
│   │   │   └── cert.pem
│   │   ├── tlscacerts
│   │   │   └── ca.crt
│   │   └── user
│   ├── peers
│   │   ├── peer0.org1.example.com
│   │   │   ├── msp
│   │   │   │   ├── cacerts
│   │   │   │   │   └── localhost-7054-ca-org1.pem
│   │   │   │   ├── config.yaml
│   │   │   │   ├── IssuerPublicKey
│   │   │   │   ├── IssuerRevocationPublicKey
│   │   │   │   ├── keystore
│   │   │   │   │   └── 70d18435f329f0a468e7d391d223b88c093d79ac0132f0d438ef41acd7f6ccd4_sk
│   │   │   │   ├── signcerts
│   │   │   │   │   └── cert.pem
│   │   │   │   └── user
│   │   │   └── tls
│   │   │       ├── cacerts
│   │   │       ├── ca.crt
│   │   │       ├── IssuerPublicKey
│   │   │       ├── IssuerRevocationPublicKey
│   │   │       ├── keystore
│   │   │       │   └── 699e5e42b2cd62bcfccc7a14f507d12b4c6edbe0be94fd7c1572d73d3a161a0a_sk
│   │   │       ├── server.crt
│   │   │       ├── server.key
│   │   │       ├── signcerts
│   │   │       │   └── cert.pem
│   │   │       ├── tlscacerts
│   │   │       │   └── tls-localhost-7054-ca-org1.pem
│   │   │       └── user
│   │   └── peer1.org1.example.com
│   │       ├── msp
│   │       │   ├── cacerts
│   │       │   │   └── localhost-7054-ca-org1.pem
│   │       │   ├── config.yaml
│   │       │   ├── IssuerPublicKey
│   │       │   ├── IssuerRevocationPublicKey
│   │       │   ├── keystore
│   │       │   │   └── 146a09a99fe173aa3e64e0d02c00ff49c55646cc7b1b1ea401090067d8affc80_sk
│   │       │   ├── signcerts
│   │       │   │   └── cert.pem
│   │       │   └── user
│   │       └── tls
│   │           ├── cacerts
│   │           ├── ca.crt
│   │           ├── IssuerPublicKey
│   │           ├── IssuerRevocationPublicKey
│   │           ├── keystore
│   │           │   └── 2c69d1b6e8077026205aab87d12a7fd32123a5bd01618f790fc951369b52ba7f_sk
│   │           ├── server.crt
│   │           ├── server.key
│   │           ├── signcerts
│   │           │   └── cert.pem
│   │           ├── tlscacerts
│   │           │   └── tls-localhost-7054-ca-org1.pem
│   │           └── user
│   ├── tlsca
│   │   └── tlsca.org1.example.com-cert.pem
│   └── users
│       ├── Admin@org1.example.com
│       │   └── msp
│       │       ├── cacerts
│       │       │   └── localhost-7054-ca-org1.pem
│       │       ├── config.yaml
│       │       ├── IssuerPublicKey
│       │       ├── IssuerRevocationPublicKey
│       │       ├── keystore
│       │       │   └── ae921494e7286cf5fda149063e7f29644fb6ef1e85db0ea87025c434699044af_sk
│       │       ├── signcerts
│       │       │   └── cert.pem
│       │       └── user
│       └── User1@org1.example.com
│           └── msp
│               ├── cacerts
│               │   └── localhost-7054-ca-org1.pem
│               ├── IssuerPublicKey
│               ├── IssuerRevocationPublicKey
│               ├── keystore
│               │   └── 1afa111045bc6b44384ff1dfdaa01548e228cda4beafc7a886a0b26afb96a8eb_sk
│               ├── signcerts
│               │   └── cert.pem
│               └── user
└── org2.example.com
    ├── ca
    │   └── ca.org2.example.com-cert.pem
    ├── fabric-ca-client-config.yaml
    ├── msp
    │   ├── cacerts
    │   │   └── localhost-8054-ca-org2.pem
    │   ├── config.yaml
    │   ├── IssuerPublicKey
    │   ├── IssuerRevocationPublicKey
    │   ├── keystore
    │   │   └── 6dde2d7c539de41202c228f8b744ed4f9fd411470cf8e2e52de581e5130b0cc0_sk
    │   ├── signcerts
    │   │   └── cert.pem
    │   ├── tlscacerts
    │   │   └── ca.crt
    │   └── user
    ├── peers
    │   ├── peer0.org2.example.com
    │   │   ├── msp
    │   │   │   ├── cacerts
    │   │   │   │   └── localhost-8054-ca-org2.pem
    │   │   │   ├── config.yaml
    │   │   │   ├── IssuerPublicKey
    │   │   │   ├── IssuerRevocationPublicKey
    │   │   │   ├── keystore
    │   │   │   │   └── cc3567993dfd9c7f8c1065e672cf910af922fdc1c22a456ae75ff596d9fde803_sk
    │   │   │   ├── signcerts
    │   │   │   │   └── cert.pem
    │   │   │   └── user
    │   │   └── tls
    │   │       ├── cacerts
    │   │       ├── ca.crt
    │   │       ├── IssuerPublicKey
    │   │       ├── IssuerRevocationPublicKey
    │   │       ├── keystore
    │   │       │   └── 98c00e2995b7066a789d8924103edf7494eaef75fa1702e81c0c245f3ed74486_sk
    │   │       ├── server.crt
    │   │       ├── server.key
    │   │       ├── signcerts
    │   │       │   └── cert.pem
    │   │       ├── tlscacerts
    │   │       │   └── tls-localhost-8054-ca-org2.pem
    │   │       └── user
    │   └── peer1.org2.example.com
    │       ├── msp
    │       │   ├── cacerts
    │       │   │   └── localhost-8054-ca-org2.pem
    │       │   ├── config.yaml
    │       │   ├── IssuerPublicKey
    │       │   ├── IssuerRevocationPublicKey
    │       │   ├── keystore
    │       │   │   └── 850f3be4d0fba8e7f5070fc86ad42a46b330e503b7664a922d8a3709b704bdbe_sk
    │       │   ├── signcerts
    │       │   │   └── cert.pem
    │       │   └── user
    │       └── tls
    │           ├── cacerts
    │           ├── ca.crt
    │           ├── IssuerPublicKey
    │           ├── IssuerRevocationPublicKey
    │           ├── keystore
    │           │   └── 584595b78f14d9074fc7a199e95b0091322d576cb90aeddd56997211d03ef6be_sk
    │           ├── server.crt
    │           ├── server.key
    │           ├── signcerts
    │           │   └── cert.pem
    │           ├── tlscacerts
    │           │   └── tls-localhost-8054-ca-org2.pem
    │           └── user
    ├── tlsca
    │   └── tlsca.org2.example.com-cert.pem
    └── users
        ├── Admin@org2.example.com
        │   └── msp
        │       ├── cacerts
        │       │   └── localhost-8054-ca-org2.pem
        │       ├── config.yaml
        │       ├── IssuerPublicKey
        │       ├── IssuerRevocationPublicKey
        │       ├── keystore
        │       │   └── a9c1cdf2c7c17af057cd8e20ef036fb8905d5ba4155cd456855edae340fc5719_sk
        │       ├── signcerts
        │       │   └── cert.pem
        │       └── user
        └── User1@org2.example.com
            └── msp
                ├── cacerts
                │   └── localhost-8054-ca-org2.pem
                ├── IssuerPublicKey
                ├── IssuerRevocationPublicKey
                ├── keystore
                │   └── aa39fd219fe02cc59aa334699cc2aba26e90e3c87df9dde1910fd6b4cd4ed103_sk
                ├── signcerts
                │   └── cert.pem
                └── user

94 directories, 98 files

[root@C20-13U-10 ca]# tree organizations/ordererOrganizations/
organizations/ordererOrganizations/
└── example.com
    ├── fabric-ca-client-config.yaml
    ├── msp
    │   ├── cacerts
    │   │   └── localhost-9054-ca-orderer.pem
    │   ├── config.yaml
    │   ├── IssuerPublicKey
    │   ├── IssuerRevocationPublicKey
    │   ├── keystore
    │   │   └── 78853324c9928122b65395659de248f76f1e50f427ed69e6c4f2c5777dbe8956_sk
    │   ├── signcerts
    │   │   └── cert.pem
    │   ├── tlscacerts
    │   │   └── tlsca.example.com-cert.pem
    │   └── user
    ├── orderers
    │   ├── orderer2.example.com
    │   │   ├── msp
    │   │   │   ├── cacerts
    │   │   │   │   └── localhost-9054-ca-orderer.pem
    │   │   │   ├── config.yaml
    │   │   │   ├── IssuerPublicKey
    │   │   │   ├── IssuerRevocationPublicKey
    │   │   │   ├── keystore
    │   │   │   │   └── 812364a43d421b9251287aeded116b7a1a8bce0ea1924528875c63b0897add75_sk
    │   │   │   ├── signcerts
    │   │   │   │   └── cert.pem
    │   │   │   ├── tlscacerts
    │   │   │   │   └── tlsca.example.com-cert.pem
    │   │   │   └── user
    │   │   └── tls
    │   │       ├── cacerts
    │   │       ├── ca.crt
    │   │       ├── IssuerPublicKey
    │   │       ├── IssuerRevocationPublicKey
    │   │       ├── keystore
    │   │       │   └── 5862afe1941006e683ca15675feb2aaa872c08e1a702f27331d7cab84e20fbe7_sk
    │   │       ├── server.crt
    │   │       ├── server.key
    │   │       ├── signcerts
    │   │       │   └── cert.pem
    │   │       ├── tlscacerts
    │   │       │   └── tls-localhost-9054-ca-orderer.pem
    │   │       └── user
    │   ├── orderer3.example.com
    │   │   ├── msp
    │   │   │   ├── cacerts
    │   │   │   │   └── localhost-9054-ca-orderer.pem
    │   │   │   ├── config.yaml
    │   │   │   ├── IssuerPublicKey
    │   │   │   ├── IssuerRevocationPublicKey
    │   │   │   ├── keystore
    │   │   │   │   └── bf9796e1a0187b8e942f4e96bf6123df6c105f0560f5d3b83d383d2b1d082351_sk
    │   │   │   ├── signcerts
    │   │   │   │   └── cert.pem
    │   │   │   ├── tlscacerts
    │   │   │   │   └── tlsca.example.com-cert.pem
    │   │   │   └── user
    │   │   └── tls
    │   │       ├── cacerts
    │   │       ├── ca.crt
    │   │       ├── IssuerPublicKey
    │   │       ├── IssuerRevocationPublicKey
    │   │       ├── keystore
    │   │       │   └── 4df0689d688e2daa938501d96ebe92d99d7dadb374164e2034968b6160f7b87a_sk
    │   │       ├── server.crt
    │   │       ├── server.key
    │   │       ├── signcerts
    │   │       │   └── cert.pem
    │   │       ├── tlscacerts
    │   │       │   └── tls-localhost-9054-ca-orderer.pem
    │   │       └── user
    │   ├── orderer4.example.com
    │   │   ├── msp
    │   │   │   ├── cacerts
    │   │   │   │   └── localhost-9054-ca-orderer.pem
    │   │   │   ├── config.yaml
    │   │   │   ├── IssuerPublicKey
    │   │   │   ├── IssuerRevocationPublicKey
    │   │   │   ├── keystore
    │   │   │   │   └── a7db07091803dc82f4fb167ef6017c5766ec453e0fb753773c95492638c0a45d_sk
    │   │   │   ├── signcerts
    │   │   │   │   └── cert.pem
    │   │   │   ├── tlscacerts
    │   │   │   │   └── tlsca.example.com-cert.pem
    │   │   │   └── user
    │   │   └── tls
    │   │       ├── cacerts
    │   │       ├── ca.crt
    │   │       ├── IssuerPublicKey
    │   │       ├── IssuerRevocationPublicKey
    │   │       ├── keystore
    │   │       │   └── 34d965acb3f82a1ab38c3ae0f1153d52c420910fb1d20b88eb918e029817c1c2_sk
    │   │       ├── server.crt
    │   │       ├── server.key
    │   │       ├── signcerts
    │   │       │   └── cert.pem
    │   │       ├── tlscacerts
    │   │       │   └── tls-localhost-9054-ca-orderer.pem
    │   │       └── user
    │   ├── orderer5.example.com
    │   │   ├── msp
    │   │   │   ├── cacerts
    │   │   │   │   └── localhost-9054-ca-orderer.pem
    │   │   │   ├── config.yaml
    │   │   │   ├── IssuerPublicKey
    │   │   │   ├── IssuerRevocationPublicKey
    │   │   │   ├── keystore
    │   │   │   │   └── 436eb6c827c305b94ccdb65b2773841ffd7a159a6821f1120011a97cde964b52_sk
    │   │   │   ├── signcerts
    │   │   │   │   └── cert.pem
    │   │   │   ├── tlscacerts
    │   │   │   │   └── tlsca.example.com-cert.pem
    │   │   │   └── user
    │   │   └── tls
    │   │       ├── cacerts
    │   │       ├── ca.crt
    │   │       ├── IssuerPublicKey
    │   │       ├── IssuerRevocationPublicKey
    │   │       ├── keystore
    │   │       │   └── aba9458924e7b1f561c200e1f1e76a1da86cc79057ce4480e2adf59484bb389e_sk
    │   │       ├── server.crt
    │   │       ├── server.key
    │   │       ├── signcerts
    │   │       │   └── cert.pem
    │   │       ├── tlscacerts
    │   │       │   └── tls-localhost-9054-ca-orderer.pem
    │   │       └── user
    │   └── orderer.example.com
    │       ├── msp
    │       │   ├── cacerts
    │       │   │   └── localhost-9054-ca-orderer.pem
    │       │   ├── config.yaml
    │       │   ├── IssuerPublicKey
    │       │   ├── IssuerRevocationPublicKey
    │       │   ├── keystore
    │       │   │   └── d0e5d71caf9daa6fc195816c7060cb6494560f48150430167faf706ca67b94c4_sk
    │       │   ├── signcerts
    │       │   │   └── cert.pem
    │       │   ├── tlscacerts
    │       │   │   └── tlsca.example.com-cert.pem
    │       │   └── user
    │       └── tls
    │           ├── cacerts
    │           ├── ca.crt
    │           ├── IssuerPublicKey
    │           ├── IssuerRevocationPublicKey
    │           ├── keystore
    │           │   └── 3c64e71c7708ac217e30c89836d1484540b09b436ca08f2267a1ea35a89fd0f1_sk
    │           ├── server.crt
    │           ├── server.key
    │           ├── signcerts
    │           │   └── cert.pem
    │           ├── tlscacerts
    │           │   └── tls-localhost-9054-ca-orderer.pem
    │           └── user
    └── users
        └── Admin@example.com
            └── msp
                ├── cacerts
                │   └── localhost-9054-ca-orderer.pem
                ├── config.yaml
                ├── IssuerPublicKey
                ├── IssuerRevocationPublicKey
                ├── keystore
                │   └── 0b239b3e233b2095701525f63065e2d3b7b1a630cdc500551a501f2a80b8d82a_sk
                ├── signcerts
                │   └── cert.pem
                └── user

80 directories, 89 files
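
The wildcard copies such as cp .../tls/keystore/* .../tls/server.key and the fixed cacerts/localhost-8054-ca-org2.pem paths written into config.yaml only hold when each tls keystore contains exactly one key and the CA certificate file carries exactly that name. As an added example (not part of the original post; the function names and the placeholder sample files are assumptions made here), this script checks a generated organizations/ tree for those conditions and for private keys that are accessible to group or other:

```bash
#!/usr/bin/env bash
# Added example (not from the original post); function names are chosen here.

# Succeeds when the file grants any permission bit to group or other.
loose_perms() {
  [ -n "$(find "$1" -prune \( -perm -040 -o -perm -020 -o -perm -010 \
    -o -perm -004 -o -perm -002 -o -perm -001 \) -print)" ]
}

# Number of *_sk private keys in a keystore folder.
count_keys() {
  echo $(( $(find "$1" -type f -name '*_sk' 2>/dev/null | wc -l) ))
}

# Check one MSP folder written by `fabric-ca-client enroll -M <dir>`.
# Prints one line per finding; exit status 0 means no findings.
check_msp() (
  msp=$1; bad=0
  if [ ! -s "$msp/signcerts/cert.pem" ]; then
    echo "$msp: signcerts/cert.pem missing or empty"; bad=1
  fi
  if [ "$(count_keys "$msp/keystore")" -lt 1 ]; then
    echo "$msp: no *_sk private key in keystore"; bad=1
  fi
  for key in "$msp"/keystore/*_sk; do
    if [ -f "$key" ] && loose_perms "$key"; then
      echo "$key: private key accessible by group or other"; bad=1
    fi
  done
  # NodeOUs "Certificate:" paths in config.yaml are relative to the MSP folder.
  if [ -f "$msp/config.yaml" ]; then
    for rel in $(sed -n 's/^[[:space:]]*Certificate:[[:space:]]*//p' \
        "$msp/config.yaml" | sort -u); do
      if [ ! -f "$msp/$rel" ]; then
        echo "$msp/config.yaml: references missing $rel"; bad=1
      fi
    done
  fi
  exit "$bad"
)

# Check one tls folder after the copies to ca.crt, server.crt and server.key.
check_tls() (
  tls=$1; bad=0
  for f in ca.crt server.crt server.key; do
    if [ ! -s "$tls/$f" ]; then echo "$tls: $f missing or empty"; bad=1; fi
  done
  # The wildcard copy to server.key needs exactly one key in tls/keystore.
  n=$(count_keys "$tls/keystore")
  if [ "$n" -ne 1 ]; then
    echo "$tls: expected 1 key in keystore, found $n"; bad=1
  fi
  for key in "$tls/server.key" "$tls"/keystore/*_sk; do
    if [ -f "$key" ] && loose_perms "$key"; then
      echo "$key: private key accessible by group or other"; bad=1
    fi
  done
  exit "$bad"
)

# Walk a tree such as organizations/ and check every msp and tls folder.
check_tree() (
  root=$1; bad=0
  for d in $(find "$root" -type d \( -name msp -o -name tls \) | sort); do
    case $d in
      */msp) if ! check_msp "$d"; then bad=1; fi ;;
      */tls) if ! check_tls "$d"; then bad=1; fi ;;
    esac
  done
  exit "$bad"
)

# Constructed sample: one node folder with placeholder files, not real PEM data.
make_sample_node() {
  mkdir -p "$1/msp/cacerts" "$1/msp/keystore" "$1/msp/signcerts" "$1/tls/keystore"
  for f in msp/cacerts/localhost-8054-ca-org2.pem msp/signcerts/cert.pem \
      msp/keystore/sample_sk tls/keystore/sample_sk \
      tls/ca.crt tls/server.crt tls/server.key; do
    echo placeholder > "$1/$f"
  done
  chmod 600 "$1/msp/keystore/sample_sk" "$1/tls/keystore/sample_sk" "$1/tls/server.key"
  printf 'NodeOUs:\n  Enable: true\n  PeerOUIdentifier:\n    Certificate: %s\n' \
    'cacerts/localhost-8054-ca-org2.pem' > "$1/msp/config.yaml"
}

# With an argument: check that tree. Without: run on the constructed sample.
if [ "$#" -gt 0 ]; then
  check_tree "$1"
else
  demo=$(mktemp -d)
  make_sample_node "$demo/peers/peer0.org2.example.com"
  check_tree "$demo" && echo "constructed sample tree: no findings"
  rm -rf "$demo"
fi
```

Run it from /root/ca with organizations as the argument after the three create functions have finished.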

 

Posted by 人艰不拆_zmc