Skip to content
  • Gari Singh's avatar
    [FAB-2174] Populate TLS trust stores from config blocks · 4844ce83
    Gari Singh authored
    https://jira.hyperledger.org/browse/FAB-2714
    
    
    
    With this change, the peer now obtains the root
    certificates it needs to populate the server and
    client trust stores from config blocks.
    
    The following changes updates were made:
    - core/peer/peer.go - added structure to maintain
    per chain aggegate list of CAs for apps and orderers,
    callback function for the config mgr which will
    update the trust stores from config blocks, and
    a function to obtain the aggregate list of
    root CAs for the peer as a whole
    
    - msp - added methods to get the root and intermediate
    certs from an MSP instance.  We can revisit this if
    there is strong belief in not doing it this way, but it
    is better than parsing the protos multiple times
    
    - common/configtx/test - added helper function to
    generate a config block which accepts MSPConfigs
    
    - some cleanup and slight modifications to utility
    functions needed for the above
    
    Change-Id: I30668428a3c65702e1ebe2774668606ff4d78016
    Signed-off-by: default avatarGari Singh <gari.r.singh@gmail.com>
    4844ce83