identity expired error while doing composer network ping - hyperledger-composer

Long time back I have created a composer network by using composer version 0.19.0. Now when I am trying to ping the network using following command getting this error.
composer network ping --card admin#tutorial-network
output :Error: Error trying to ping. Error: 2 UNKNOWN: identity expired
Please help me how to resolve this issue.

Do you have any other identities registered (and thus have cards in your card store) with your business network which haven't expired ? If you don't then you are locked out of your business network. If you do but they don't have the appropriate ACLS to perform things like identity management (composer identity issue/bind etc) then so long as you have a card that doesn't have an expired identity that can perform install/upgrade you could upgrade your business network to provide required ACLs for that participant to be able to do identity management.

I had same issue today and solved like below.
First you need to delete that card using this command.
composer card delete
Then you can add a new card. (You have a .bna file at the same directory) Use this command below for importing new card.
composer card import --file networkadmin.card
You can ping successfully.
composer network ping --card admin#cardName
I hope this will solve your problem. Then you can start the rest server with below code.
composer-rest-server

Related

Laravel cannot not connect to Stripe

I have trouble connecting to Stripe with my Laravel / React application. Locally it works and the same code on a Digital Ocean droplet doesn't. I get this message:
Could not connect to Stripe (https://api.stripe.com/v1/invoices/upcoming?customer=cus_XXXXXXXXXX). Please check your internet connection and try again. If this problem persists, you should check Stripe's service status at https://twitter.com/stripestatus, or let us know at support#stripe.com. (Network error [errno 7]: )
That is the error message from Laravel. The important part is (Network error [errno 7]: ). It has to do with CURL that encounters this error: CURLE_COULDNT_CONNECT (error code 7).
Also I would expect something like this (Network error [errno 7]: Failed connect to api.stripe.com:443; Operation now in progress). Not a blank space after the colon.
I have tried this:
The server uses SSL (https://xxxxx.xxx)
Reboot the server
Redeploy the application
Clear caches for config, route, view etc.
php artisan optimize:clear
Re-run composer
Checked my Stripe API keys
Tried manually to connect fromt the shell with curl and it works.
Tried https://github.com/stripe/stripe-reachability#stripe-reachability
For reference, you can see the error on https://curl.haxx.se/libcurl/c/libcurl-errors.html and means :
CURLE_COULDNT_CONNECT (7) - Failed to connect() to host or proxy.
This is not an issue in the code, you may need to check your server hosting provider.
BTW, you may need to look at This answer. It's the same.
It is solved with him by changing the server and when communicating with the host provider, he found that the port is blocked because of high traffic.

Hyperledger Composer: fabric-ca request register failed with errors after machine restart

I had a composer-rest-server running on a host. Due to some reason I had to reboot my aws instance. So I stopped all the fabric docker containers except the chaincode and also stopped the composer rest server.
After rebooting the machine, I restarted all the containers. At this time the chaincode container did not start. However, I issued a ping command with admin identity card and the chaincode container too started.
Next, I restarted the composer rest server with the same admin identity. However, when I tried to issue an "identitiy request" command for a participant it resulted in:
Unhandled error for request POST /api/system/identities/issue: Error: fabric-ca request register failed with errors [[{"code":20,"message":"Authorization failure"}]]
Does it mean the old admin identities are invalidated after a system restart?
This is occurring because when the AWS instance reboots, the identity data within the fabric-ca container is cleared (the container uses sqlite for an ephemeral data store).
If you instead setup the fabric-ca container to use a mysql or postgresql db container, you will be able to persist the identity data even after machine/container restarts.
This question also pertains to your situation as well Hyperledger Composer Identity Issue error after network restart (code:20, authorization failure)
This error is usually seen when you try and Issue a New Identity whilst using an Identity that does not have the rights to do so.
(If you are in single user mode the card you started the REST server with does not have the rights, or if in Multi-User mode the card currently being used in the Wallet does not have the rights.)
The Network Admin card initially created to administer the network has the rights to Issue New identities, and if you want to create additional Identities (Cards) that have the right you need to give them issuer rights when you create them. This is an option you use when Issuing an identity. On the CLI you would use a command such as composer identity issue -c admin#my-network --issuer -u mynewuser ...
On the REST server you would include an option in the JSON data e.g.:
{
"participant" : "org.acme.mynetwork.Manager#MGR02",
"userID" : "BrianM",
"options": {"issuer":true}
}

How is a user registered in hyperledger composer?

I am trying to build a mobile application working against a blockchain network. The thing i am not understanding is how the user actually becomes a member( registered ) in the network. Suppose user open’s our applications than what credentials does he enter so that he becomes a participant in the network.
In Composer the first thing to do is to create a participant, then using the Admin Card, Issue an Identity to the participant. (Identity is a Hyperledger Fabric concept, and Composer is built on top of Fabric.) Once the Identity has been Issued (and a card created) you can use that Identity.
I would suggest trying out Participant and Identities using the Composer Playground (either online, or installed locally).
If you haven't seen them, then the Composer Tutorials are a good resource, then perhaps look at this tutorial that uses the Composer Rest Server in Multi-User mode.

Querying the Historian seems to kill business network

I am on composer 0.16.0 and Fabric 1.0.4
While experimenting with Historian queries via composer-client consistently run into a situation when the network becomes non-responsive and the only way to reanimate it seems to be restarting the Fabric and redeploying the network.
The error follows:
>
Error: Error trying to ping. Error: Error trying to query business network. Error: chaincode error (status: 500, message: Error: The current identity has not been registered: admin)
>
So, the questions are:
1. Is this a known issue and is there a workaround? Happy to do more diagnostics and file it properly if that helps.
2. Any way to reboot the network without restarting the Fabric?
Thank you!
so the error "The current identity has not been registered: admin" is fundamentally caused by the fact you are restarting your CA server each time - ie a new CA server, a new authority issuing new credentials effectively for 'admin' (and hence your present admin credentials from 'previous' in your card store are not recognised by the new CA server).
Suggest to
1) clear out old admin cards from your card store eg. composer card delete --name admin#tutorial-network
2) re-import your 'admin' card through playground or CLI - and do a composer network ping to retrieve credentials to the card store.
3) Reduce your Historian queries result sets by adding selection criteria
Note: To restart your existing Dev Fabric - just use docker stop to stop your containers - and docker start you can restart them from the same state (or use docker-compose stop and docker-compose start if you're familiar with that command). Else, use docker persistence to persist your data.
https://hyperledger.github.io/composer/tutorials/developer-tutorial.html
Probably good to

Hyperledger composer ACL definition does not work (verified example)

Ok so here is what I've got:
Setup local fabric using docker compose.
Deployed business network with basic acl, created and enrolled participants, as well as assets using admin id and secret.
composer-rest-server using participants id and secret.
Can still see asset (despite DENY acl) in explorer.
I've posted the .bna and verification steps in github.
https://github.com/wajid-poernomo/sample-business-network
Be great to get some input here as there seem to be lot's of contributors who treat acl as a given. Many thanks in advance.
In summary, the problem was due to not having an attribute set on membership services as described here.
"composer network ping" won't show the participant after "composer identity issue"

Resources