github.com/simranvc/fabric-ca@v0.0.0-20191030094829-acc364294dde/tmp1/hyperledger/org0/orderer/assets/fabric-ca-client-config.yaml

github.com/simranvc/fabric-ca@v0.0.0-20191030094829-acc364294dde/tmp1/hyperledger/org0/orderer/assets/fabric-ca-client-config.yaml (about)

     1  
     2  #############################################################################
     3  #   This is a configuration file for the fabric-ca-client command.
     4  #
     5  #   COMMAND LINE ARGUMENTS AND ENVIRONMENT VARIABLES
     6  #   ------------------------------------------------
     7  #   Each configuration element can be overridden via command line
     8  #   arguments or environment variables.  The precedence for determining
     9  #   the value of each element is as follows:
    10  #   1) command line argument
    11  #      Examples:
    12  #      a) --url https://localhost:7054
    13  #         To set the fabric-ca server url
    14  #      b) --tls.client.certfile certfile.pem
    15  #         To set the client certificate for TLS
    16  #   2) environment variable
    17  #      Examples:
    18  #      a) FABRIC_CA_CLIENT_URL=https://localhost:7054
    19  #         To set the fabric-ca server url
    20  #      b) FABRIC_CA_CLIENT_TLS_CLIENT_CERTFILE=certfile.pem
    21  #         To set the client certificate for TLS
    22  #   3) configuration file
    23  #   4) default value (if there is one)
    24  #      All default values are shown beside each element below.
    25  #
    26  #   FILE NAME ELEMENTS
    27  #   ------------------
    28  #   The value of all fields whose name ends with "file" or "files" are
    29  #   name or names of other files.
    30  #   For example, see "tls.certfiles" and "tls.client.certfile".
    31  #   The value of each of these fields can be a simple filename, a
    32  #   relative path, or an absolute path.  If the value is not an
    33  #   absolute path, it is interpretted as being relative to the location
    34  #   of this configuration file.
    35  #
    36  #############################################################################
    37  
    38  #############################################################################
    39  # Client Configuration
    40  #############################################################################
    41  
    42  # URL of the Fabric-ca-server (default: http://localhost:7054)
    43  url: https://0.0.0.0:7053
    44  
    45  # Membership Service Provider (MSP) directory
    46  # This is useful when the client is used to enroll a peer or orderer, so
    47  # that the enrollment artifacts are stored in the format expected by MSP.
    48  mspdir: msp
    49  
    50  #############################################################################
    51  #    TLS section for secure socket connection
    52  #
    53  #  certfiles - PEM-encoded list of trusted root certificate files
    54  #  client:
    55  #    certfile - PEM-encoded certificate file for when client authentication
    56  #    is enabled on server
    57  #    keyfile - PEM-encoded key file for when client authentication
    58  #    is enabled on server
    59  #############################################################################
    60  tls:
    61    # TLS section for secure socket connection
    62    certfiles:
    63    client:
    64      certfile:
    65      keyfile:
    66  
    67  #############################################################################
    68  #  Certificate Signing Request section for generating the CSR for an
    69  #  enrollment certificate (ECert)
    70  #
    71  #  cn - Used by CAs to determine which domain the certificate is to be generated for
    72  #
    73  #  serialnumber - The serialnumber field, if specified, becomes part of the issued
    74  #     certificate's DN (Distinguished Name).  For example, one use case for this is
    75  #     a company with its own CA (Certificate Authority) which issues certificates
    76  #     to its employees and wants to include the employee's serial number in the DN
    77  #     of its issued certificates.
    78  #     WARNING: The serialnumber field should not be confused with the certificate's
    79  #     serial number which is set by the CA but is not a component of the
    80  #     certificate's DN.
    81  #
    82  #  names -  A list of name objects. Each name object should contain at least one
    83  #    "C", "L", "O", or "ST" value (or any combination of these) where these
    84  #    are abbreviations for the following:
    85  #        "C": country
    86  #        "L": locality or municipality (such as city or town name)
    87  #        "O": organization
    88  #        "OU": organizational unit, such as the department responsible for owning the key;
    89  #         it can also be used for a "Doing Business As" (DBS) name
    90  #        "ST": the state or province
    91  #
    92  #    Note that the "OU" or organizational units of an ECert are always set according
    93  #    to the values of the identities type and affiliation. OUs are calculated for an enroll
    94  #    as OU=<type>, OU=<affiliationRoot>, ..., OU=<affiliationLeaf>. For example, an identity
    95  #    of type "client" with an affiliation of "org1.dept2.team3" would have the following
    96  #    organizational units: OU=client, OU=org1, OU=dept2, OU=team3
    97  #
    98  #  hosts - A list of host names for which the certificate should be valid
    99  #
   100  #############################################################################
   101  csr:
   102    cn: orderer0.example.com
   103    keyrequest:
   104      algo: ecdsa
   105      size: 256
   106    serialnumber:
   107    names:
   108      - C: US
   109        ST: North Carolina
   110        L:
   111        O: Hyperledger
   112        OU: Fabric
   113    hosts:
   114      - simran
   115  
   116  #############################################################################
   117  #  Registration section used to register a new identity with fabric-ca server
   118  #
   119  #  name - Unique name of the identity
   120  #  type - Type of identity being registered (e.g. 'peer, app, user')
   121  #  affiliation - The identity's affiliation
   122  #  maxenrollments - The maximum number of times the secret can be reused to enroll.
   123  #                   Specially, -1 means unlimited; 0 means to use CA's max enrollment
   124  #                   value.
   125  #  attributes - List of name/value pairs of attribute for identity
   126  #############################################################################
   127  id:
   128    name:
   129    type:
   130    affiliation:
   131    maxenrollments: 0
   132    attributes:
   133     # - name:
   134     #   value:
   135  
   136  #############################################################################
   137  #  Enrollment section used to enroll an identity with fabric-ca server
   138  #
   139  #  profile - Name of the signing profile to use in issuing the certificate
   140  #  label - Label to use in HSM operations
   141  #############################################################################
   142  enrollment:
   143    profile:
   144    label:
   145  
   146  #############################################################################
   147  # Name of the CA to connect to within the fabric-ca server
   148  #############################################################################
   149  caname:
   150  
   151  #############################################################################
   152  # BCCSP (BlockChain Crypto Service Provider) section allows to select which
   153  # crypto implementation library to use
   154  #############################################################################
   155  bccsp:
   156      default: SW
   157      sw:
   158          hash: SHA2
   159          security: 256
   160          filekeystore:
   161              # The directory used for the software file-based keystore
   162              keystore: msp/keystore