Uploaded image for project: 'Fabric SDK Node'
  1. Fabric SDK Node
  2. FABN-1234

node sdk client cannot communicate with a fabric ca server that has clientauth enabled

    Details

    • Type: Bug
    • Status: Unverified (View Workflow)
    • Priority: Medium
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Labels:
      None
    • Steps to Reproduce:
      Hide
      Connect to a fabric-ca-server that has clientauth enabled from a node app.

      Observed:
      Error: Calling enrollment endpoint failed with error [Error: write EPROTO 139713218058048:error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate:../deps/openssl/openssl/ssl/s3_pkt.c:1498:SSL alert number 42

      139713218058048:error:1409E0E5:SSL routines:ssl3_write_bytes:ssl handshake failure:../deps/openssl/openssl/ssl/s3_pkt.c:659:

      ]

          at ClientRequest.request.on (/app/node_modules/fabric-ca-client/lib/FabricCAClient.js:487:12)

          at emitOne (events.js:116:13)

          at ClientRequest.emit (events.js:211:7)

          at TLSSocket.socketErrorListener (_http_client.js:401:9)

          at emitOne (events.js:116:13)

          at TLSSocket.emit (events.js:211:7)

          at onwriteError (_stream_writable.js:417:12)

          at onwrite (_stream_writable.js:439:5)

          at _destroy (internal/streams/destroy.js:39:7)

          at TLSSocket.Socket._destroy (net.js:568:3)

      Expected:
      No error
      Show
      Connect to a fabric-ca-server that has clientauth enabled from a node app. Observed: Error: Calling enrollment endpoint failed with error [Error: write EPROTO 139713218058048:error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate:../deps/openssl/openssl/ssl/s3_pkt.c:1498:SSL alert number 42 139713218058048:error:1409E0E5:SSL routines:ssl3_write_bytes:ssl handshake failure:../deps/openssl/openssl/ssl/s3_pkt.c:659: ]     at ClientRequest.request.on (/app/node_modules/fabric-ca-client/lib/FabricCAClient.js:487:12)     at emitOne (events.js:116:13)     at ClientRequest.emit (events.js:211:7)     at TLSSocket.socketErrorListener (_http_client.js:401:9)     at emitOne (events.js:116:13)     at TLSSocket.emit (events.js:211:7)     at onwriteError (_stream_writable.js:417:12)     at onwrite (_stream_writable.js:439:5)     at _destroy (internal/streams/destroy.js:39:7)     at TLSSocket.Socket._destroy (net.js:568:3) Expected: No error

      Description

      This is related to my [email|https://lists.hyperledger.org/g/fabric/topic/how_to_configure_node_app_to/31570609?p=,,,20,0,0,0::recentpostdate%2Fsticky,,,20,2,0,31570609] and FABN-808. It looks like a node app will never be able to communicate with a fabric ca server that has clientauth enabled. The support for this does not exist in the Node SDK. I looked at the Node SDK code and see following lines (Lines 291-302 in FabricCAClient.js):

      const requestOptions = {            hostname: self._hostname,            port: self._port,            path: self._baseAPI + api_method,            method: http_method,            headers: {                Authorization: self.generateAuthToken(requestObj, signingIdentity)            },            ca: self._tlsOptions.trustedRoots,            rejectUnauthorized: self._tlsOptions.verify,            timeout: CONNECTION_TIMEOUT        };

      showing that the client cert and key is never added to Http options. This should be fixed.

        Attachments

          Activity

            Toggl

            Enter your Toggl API token
            Mark as billable
            Apply JIRA issue labels


            {{ currentTimer.description|limitTo:35 }}...
            {{hours}} hour{{hoursS}}, {{minutes}} minute{{minutesS}}, {{seconds}} second{{secondsS}}

              People

              • Assignee:
                harrisob@us.ibm.com Bret Harrison
                Reporter:
                siddjain siddharth jain
              • Votes:
                1 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:

                  Git Source Code