Help Center>
Blockchain Service>
FAQs>
Enhanced Hyperledger Fabric>
Instance Management>
Service Usage>
How Can I Obtain Private Keys and Certificates for Enhanced Hyperledger Fabric Blockchains?
Updated on 2023-01-16 GMT+08:00
How Can I Obtain Private Keys and Certificates for Enhanced Hyperledger Fabric Blockchains?
Download the private keys and certificates on the BCS console or generate them using OpenSSL.
- To obtain the private key and certificate of a single user, download them on the BCS console.
- Log in to the BCS console.
- In the navigation pane on the left, click Instance Management. Click the Enhanced Hyperledger Fabric tab and click an instance to view its details.
- In the Blockchain Organizations area, click to download the user certificate.
- Decompress the downloaded user certificate. The msp folder contains the user private key (keystore) and certificate (signcerts), as shown in the following figure.
Figure 1 File directory
- To generate the private keys and certificates of multiple users, use OpenSSL.
- Download the CA certificates and private keys.
- Log in to the BCS console.
- In the navigation pane on the left, click Instance Management. Click the Enhanced Hyperledger Fabric tab and click an instance to view its details.
- In the Blockchain Organizations area, click to download the CA certificate.
- Decompress the downloaded CA certificate to obtain the following files:
Figure 2 Decompressed files
- Generate a new ECC private key.
- Generate a private key with prime256v1.
openssl ecparam -name prime256v1 -genkey -out user-key_.pem
- Convert the key format to PKCS#8.
openssl pkcs8 -topk8 -nocrypt -in user-key_.pem -out user-key
- Generate a private key with prime256v1.
- Generate a certificate request file.
openssl req -new -key user-key -out user-csr.pem
- CA issues the certificate.
openssl x509 -req -in user-csr.pem -out user-cert.pem -CA ca.organization-cert.pem -CAkey organization_sk -CAcreateserial -days 3650
- A CA-signed certificate file is user-cert.pem, and the corresponding private key is user-key.
- Download the CA certificates and private keys.
Parent topic: Service Usage
Service Usage FAQs
- Which Ports of a Security Group Are Opened When I Create a BCS Instance?
- How Do I Check Whether the ICAgent Is Installed for the Cluster?
- What Can I Do If I Can't Open the Blockchain Management Console?
- What Should I Do If My BCS Instance Remains in the Creating State?
- What Should I Do If a Peer Restarts Frequently with the Error Message "PanicDB not exist"?
- What Can I Do If the CPU Usage of a Blockchain Node Reaches 100%?
- Why Can't I Log In to the Blockchain Management Console?
- BCS.4009100: System Error
- How Can I Obtain Private Keys and Certificates for Enhanced Hyperledger Fabric Blockchains?
- Why Does Chaincode Instantiation Fail When I Deploy a Fabric v1.4 Instance Using a v1.19 CCE Cluster?
- Can All Blocks Be Saved As More and More Blocks Are Created?
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbotmore