Hyperledger fabric cryptgen tool not creating the admincerts

Question

I am using the cryptogen tool from the hyper-ledgerfabric firstsample, Its does not create the admin certificate inside the crypto-config/peerorgani

Answer 1

Yes, I also faced this problem.

For a workaround check what is the version of your cryptogen tool. Try with 1.4.0 version of cryptogen, it works well.

Answer 2

There is a new feature in 1.4.3 which allows you to specify an OU for admin rather than explicitly putting certificates in the admincerts folder.

In your crypto-config, you set EnableNodeOUs: true and this automatically enables OUs for all supported roles.

You'll see something like

NodeOUs:
  Enable: true
  ClientOUIdentifier:
    Certificate: cacerts/ca.sampleorg-cert.pem
    OrganizationalUnitIdentifier: client
  PeerOUIdentifier:
    Certificate: cacerts/ca.sampleorg-cert.pem
    OrganizationalUnitIdentifier: peer
  AdminOUIdentifier:
    Certificate: cacerts/ca.sampleorg-cert.pem
    OrganizationalUnitIdentifier: admin
  OrdererOUIdentifier:
    Certificate: cacerts/ca.sampleorg-cert.pem
    OrganizationalUnitIdentifier: orderer

in the msp/config.yaml file ( in your case in crypto-config/peerorganisation/org1.example.com/msp/crypto.yaml).

Note the AdminOUIdentifier field. This means that any cert issued by the CA for your org which contains an OU=admin is now considered an admin. The certificate generated for the admin user under your org MSP is also generated with OU=admin (e.g. Subject: C=US, ST=California, L=San Francisco, OU=admin, CN=Admin@sampleorg ).