"fabric-ca-client enroll" Error - "Failed to insert"

Q

Why am I getting the "Certificate signing failure: Failed to insert record into database: attempt to write a readonly database" error, when running the "fabric-ca-client enroll" command?

✍: FYIcenter.com

A

If the Fabric CA Server is not able to update its database, you will get the "Certificate signing failure: Failed to insert record into database: attempt to write a readonly database" error. Here is how to resolve the error:

1. Go to the Fabric CA Server system, and review its Fabric CA Server directory:

$ cd fabric-ca/native-server
$ ls -l 
-rw-r--r-- 1 fyicenter   843 Apr  1 14:51 IssuerPublicKey
-rw-r--r-- 1 fyicenter   215 Apr  1 14:51 IssuerRevocationPublicKey
-rw-r--r-- 1 fyicenter   786 Apr  1 14:51 ca-cert.pem
-rw-r--r-- 1 fyicenter 19788 Apr  1 14:51 fabric-ca-server-config.yaml
-rw-r--r-- 1 fyicenter 34851 Apr  1 14:51 fabric-ca-server.db
drwxr-xr-x 3 fyicenter  4096 Apr  1 14:51 msp

2. Make sure that you have the write permission for the database file, fabric-ca-server.db.

3. Restart the Fabric CA Server:

$ $GOPATH/bin/fabric-ca-server start -b admin:adminpw
...
[INFO] Home directory for default CA: ./
[INFO] Operation Server Listening on 127.0.0.1:9443
[INFO] Listening on http://0.0.0.0:7054

4. Go to the Fabric CA Client system, and run the enrollment command again. You should see no errors.

$ cd fabric-ca/native-client/admin
$ export FABRIC_CA_CLIENT_HOME=~/fabric-ca/native-client/admin

$ $GOPATH/bin/fabric-ca-client enroll -u http://admin:adminpw@localhost:7054
[INFO] generating key: &{A:ecdsa S:256}
[INFO] encoded CSR
[INFO] Stored client certificate at ./msp/signcerts/cert.pem
[INFO] Stored root CA certificate at ./msp/cacerts/localhost-7054.pem
[INFO] Stored Issuer public key at ./msp/IssuerPublicKey
[INFO] Stored Issuer revocation public key at ./msp/IssuerRevocationPublicKey

5. Check the Fabric CA Server log. There is no error this time.

[INFO] signed certificate with serial number 3919587373266598440401873607181...
[INFO] 127.0.0.1:50970 POST /enroll 201 0 "OK"

6. Check the Fabric CA Server home directory. The database file, fabric-ca-server.db, is updated.

-rw-r--r-- 1 fyicenter   843 Apr  1 14:51 IssuerPublicKey
-rw-r--r-- 1 fyicenter   215 Apr  1 14:51 IssuerRevocationPublicKey
-rw-r--r-- 1 fyicenter   786 Apr  1 14:51 ca-cert.pem
-rw-r--r-- 1 fyicenter 19788 Apr  1 14:51 fabric-ca-server-config.yaml
-rw-r--r-- 1 fyicenter 61440 Apr  1 18:06 fabric-ca-server.db
drwxr-xr-x 3 fyicenter  4096 Apr  1 14:51 msp

Â

â‡’ Fabric CA Client Wallet

â‡ Enroll Fabric CA Client Admin Identity

â‡‘ Fabric CA (Certificate Authority)

â‡‘â‡‘ Hyperledger Tutorials

2019-09-27, 1646👍, 0💬

"fabric-ca-client identity list" - List Identities
How to List Identities with the "fabric-ca-client identity list" command? If you want get a list of identities from the Fabric CA Server, you can run the "fabric-ca-client identity list" command: $ export FABRIC_CA_CLIENT_HOME=~/fabric -ca/native-client/admin$ ~/go/bin/fabric-ca-client identity list... 2019-09-27, 1586👍, 0💬

Fabric CA Userâ€™s Guide
Where is the Fabric CA Userâ€™s Guide? The Fabric CA Userâ€™s Guide is provided at: hyperledger-fabric-ca.readthed ocs.io/en/release-1.4/users-gu ide.html. The Fabric CA Userâ€™s Guide provides information on the following topics: Overview Getting Started Prerequisites Install Explore the Fabric ... 2019-10-18, 1043👍, 0💬

Requirements for Registering New Identities
What are requirements for Registering New Identities? With the Fabric CA Client tool, you can register new identities on the Fabric CA Server, if you meet the following requirements: 1. You, as the registrar, must have an identity in your wallet that has the "hf.Registrar.Roles" attribute with a val... 2019-09-16, 927👍, 0💬

"fabric-ca-client register" - Register Second Admin
How to register a second admin with the "fabric-ca-client register" command? You can follow this tutorial to register a second admin with the "fabric-ca-client register" command. 1. Make sure the Fabric CA Server is running. 2. Go to the Fabric CA Client system where you have the "admin" wallet crea... 2019-09-16, 887👍, 0💬

Start Fabric CA Server Natively
How to Start Fabric CA Server Natively? You can follow this tutorial to Start Fabric CA Server Natively. 1. Shutdown existing Fabric CA Server or any process (or docker container) that is using port 7054. $ docker ps | grep fabric-ca hyperledger/fabric-ca:amd64-1. 4.0Up 9 days 0.0.0.0:7054->7... 2019-10-18, 875👍, 0💬

Insatll Fabric CA Server and Client
How to install Fabric CA Server and Client binaries? You can follow this tutorial to install Fabric CA Server and Client binaries. 1. Install both the fabric-ca-server and fabric-ca-client binaries in $GOPATH/bin. $ go get -u github.com/hyperledger/fabric- ca/cmd/...$ cd $GOPATH $ ls -l ./bin -rwxrw... 2019-10-18, 836👍, 0💬

Requirements for Fabric CA Server and Client
What are the requirements to install and run Fabric CA Server and Client? Fabric CA Server and Client are written in Golang, so you need to stall Go environment and required libraries: Go 1.10+ installation GOPATH environment variable is set correctly libtool and libtdhl-dev packages are installed 1... 2019-10-18, 827👍, 0💬

Fabric CA Client Wallet
Where is the Fabric CA Client Wallet that stores identities and certificates used to access the Fabric CA Server? The Fabric CA Client Wallet is stored in the "msp" sub-directory in the $FABRIC_CA_CLIENT_HOME directory or the default location of $HOME/.fabric-ca-client. The Fabric CA Client Wallet h... 2019-09-27, 814👍, 0💬

Enroll Fabric CA Client Admin Identity
How to Enroll Fabric CA Client Admin Identity? In order to use Fabric CA Client tool, you must enroll the server admin identity first. 1. Make sure Fabric CA Server is running at port 7054. 2. Set up FABRIC_CA_CLIENT_HOME environment variable to avoid using the default of $HOME/.fabric-ca-client $ m... 2019-09-27, 806👍, 0💬

All rights in the contents of this web site are reserved by the individual author. fyicenter.com does not guarantee the truthfulness, accuracy, or reliability of any contents.