Skip to content

Commit

Permalink
add sdk certificate instructions (FISCO-BCOS#898)
Browse files Browse the repository at this point in the history
  • Loading branch information
@chaychen2005 @bxq2011hust
chaychen2005 authored and bxq2011hust committed Aug 14, 2020
1 parent 9a648c7 commit b7dbead
Show file tree
Hide file tree
Showing 6 changed files with 10 additions and 1 deletion.
2 changes: 2 additions & 0 deletions docs/enterprise_tools/operation.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -126,6 +126,8 @@ $ ./generator --generate_sdk_certificate ./dir_sdk_ca ./dir_agency_ca

执行完成后可以在./dir_sdk_ca路径下生成名为SDK的文件夹,包含相应的SDK证书`node.crt` 和私钥`node.key`

FISCO-BCOS 2.5及之后的版本,添加了SDK只能连本机构节点的限制,操作时需确认拷贝证书的路径,否则建联报错。

## generate_all_certificates

| | |
Expand Down
2 changes: 1 addition & 1 deletion docs/manual/build_chain.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -213,7 +213,7 @@ nodes/
│   │.....
│   ├── node3 # 节点3文件夹
│   │.....
│   ├── sdk # SDK与节点SSL连接配置
│   ├── sdk # SDK与节点SSL连接配置,FISCO-BCOS 2.5及之后的版本,添加了SDK只能连本机构节点的限制,操作时需确认拷贝证书的路径,否则建联报错
│   │   ├── ca.crt # SSL连接根证书
│   │   ├── sdk.crt # SSL连接证书
│   │   └── sdk.key # SSL连接证书私钥
Expand Down
2 changes: 2 additions & 0 deletions docs/manual/console.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,6 +85,7 @@ curl -LO https://github.com/FISCO-BCOS/console/releases/download/v1.0.10/downloa
- 区块链节点和证书的配置:
- 将节点sdk目录下的`ca.crt``sdk.crt``sdk.key`文件拷贝到`conf`目录下。
-`conf`目录下的`applicationContext-sample.xml`文件重命名为`applicationContext.xml`文件。配置`applicationContext.xml`文件,其中添加注释的内容根据区块链节点配置做相应修改。**提示:如果搭链时设置的channel_listen_ip(若节点版本小于v2.3.0,查看配置项listen_ip)为127.0.0.1或者0.0.0.0,channel_port为20200, 则`applicationContext.xml`配置不用修改。**
- FISCO-BCOS 2.5及之后的版本,添加了SDK只能连本机构节点的限制,操作时需确认拷贝证书的路径,否则建联报错。

```xml
<?xml version="1.0" encoding="UTF-8" ?>
Expand Down Expand Up @@ -148,6 +149,7 @@ curl -LO https://github.com/FISCO-BCOS/console/releases/download/v1.0.10/downloa
- 区块链节点和证书的配置:
- 将节点sdk目录下的`ca.crt``sdk.crt``sdk.key`文件拷贝到`conf`目录下。
-`conf`目录下的`applicationContext-sample.xml`文件重命名为`applicationContext.xml`文件。配置`applicationContext.xml`文件,其中添加注释的内容根据区块链节点配置做相应修改。**提示:如果搭链时设置的channel_listen_ip(若节点版本小于v2.3.0,查看配置项listen_ip)为127.0.0.1或者0.0.0.0,channel_port为20200, 则`applicationContext.xml`配置不用修改。**
- FISCO-BCOS 2.5及之后的版本,添加了SDK只能连本机构节点的限制,操作时需确认拷贝证书的路径,否则建联报错。

- 打开国密开关
```
Expand Down
2 changes: 2 additions & 0 deletions docs/sdk/go_sdk/console.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,8 @@ go build cmd/console.go

- config.toml 配置文件默认使用 channel 连接模式,请拷贝对应的 ca.crt、sdk.crt 和 sdk.key 证书至 go-sdk 目录

- FISCO-BCOS 2.5及之后的版本,添加了SDK只能连本机构节点的限制,操作时需确认拷贝证书的路径,否则建联报错

- 开启命令行支持:

```eval_rst
Expand Down
2 changes: 2 additions & 0 deletions docs/sdk/java_sdk.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,8 @@ FISCO-BCOS 2.5及之后的版本,在国密区块链环境下支持节点与SDK

- 是否选择国密SSL连接,SDK与区块链节点的配置要保持一致,节点配置参考 `配置链属性 <../manual/configuration.html?highlight=sm_crypto_channel#id10>`_

- FISCO-BCOS 2.5及之后的版本,添加了SDK只能连本机构节点的限制,操作时需确认拷贝证书的路径,否则建联报错。

```
### 配置文件设置
Expand Down
1 change: 1 addition & 0 deletions docs/sdk/python_sdk/install.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -162,6 +162,7 @@ cp ~/fisco/nodes/127.0.0.1/sdk/* bin/
.. note::
- ``client_config.py`` 的 ``channel_node_cert`` 和 ``channel_node_key`` 选项分别用于配置SDK证书和私钥
- ``release-2.1.0`` 版本开始,SDK证书和私钥更新为 ``sdk.crt`` 和 ``sdk.key`` ,配置证书路径前,请先检查上步拷贝的证书名和私钥名,并将 ``channel_node_cert`` 配置为SDK证书路径,将 ``channel_node_key`` 配置为SDK私钥路径
- FISCO-BCOS 2.5及之后的版本,添加了SDK只能连本机构节点的限制,操作时需确认拷贝证书的路径,否则建联报错
```

检查从节点拷贝的sdk证书路径,若sdk证书和私钥路径分别为`bin/sdk.crt``bin/sdk.key`,则`client_config.py`中相关配置项如下:
Expand Down

0 comments on commit b7dbead

Please sign in to comment.