github.com/49746628/fabric-ca-gm@v2.0.0-alpha.0.20200822143404-8a07eefa7452+incompatible/testdata/ca/rootca/ca1/fabric-ca-server-config.yaml

github.com/49746628/fabric-ca-gm@v2.0.0-alpha.0.20200822143404-8a07eefa7452+incompatible/testdata/ca/rootca/ca1/fabric-ca-server-config.yaml (about)

     1  #
     2  # Copyright IBM Corp. All Rights Reserved.
     3  #
     4  # SPDX-License-Identifier: Apache-2.0
     5  #
     6  #############################################################################
     7  # The CA section contains information specific to this Certificate Authority.
     8  # Minimally, the name must be unique for all CAs serviced by the same server.
     9  # Additionally, you may specify any of the settings that are defined in the
    10  # server's configuration file to override them with a value specific for this CA.
    11  # For example, you should provide a different username and password for the
    12  # bootstrap identity as found in the "identities" subsection of the "registry" section.
    13  
    14  # See the server's configuration file for comments on all settings.
    15  # All settings pertaining to the server's listening endpoint are by definition
    16  # server-specific and so will be ignored in a CA configuration file.
    17  #############################################################################
    18  ca:
    19    # Name of this CA
    20    name: rootca1
    21  
    22  ###########################################################################
    23  #  Certificate Signing Request section for generating the CA certificate
    24  ###########################################################################
    25  csr:
    26    cn: fabric-ca-server-rootca1
    27  
    28  #############################################################################
    29  #  The registry section controls how the fabric-ca-server does two things:
    30  #  1) authenticates enrollment requests which contain a username and password
    31  #     (also known as an enrollment ID and secret).
    32  #  2) once authenticated, retrieves the identity's attribute names and values.
    33  #     These attributes are useful for making access control decisions in
    34  #     chaincode.
    35  #  There are two main configuration options:
    36  #  1) The fabric-ca-server is the registry
    37  #  2) An LDAP server is the registry, in which case the fabric-ca-server
    38  #     calls the LDAP server to perform these tasks.
    39  #############################################################################
    40  registry:
    41    # Maximum number of times a password/secret can be reused for enrollment
    42    # (default: -1, which means there is no limit)
    43    maxEnrollments: -1
    44  
    45    # Contains user information which is used when LDAP is disabled
    46    identities:
    47       - name: adminca1
    48         pass: adminca1pw
    49         type: client
    50         affiliation: ""
    51         maxenrollments: -1
    52         attrs:
    53            hf.Registrar.Roles: "client,user,peer,validator,auditor,ca"
    54            hf.Registrar.DelegateRoles: "client,user,validator,auditor"
    55            hf.Revoker: true
    56            hf.IntermediateCA: true
    57            hf.Registrar.Attributes: "*"