tencent cloud

Tencent Cloud Blockchain as a Service

문서Tencent Cloud Blockchain as a ServiceDevelopment GuideHyperledger FabricCertificate ApplicationCertificate Application CSR Generation Guide

Certificate Application CSR Generation Guide

Download
포커스 모드
폰트 크기
마지막 업데이트 시간: 2025-04-10 00:41:07

Overview

This document introduces the steps for generating a certificate signing request (CSR) for the corresponding Fabric blockchain network ECC Certificate. According to your actual situation, generate the CSR in the following ways:

Directions

ECC Certificate Application CSR

1. Go to OpenSSL official website, download OpenSSL and configure the installation.
2. download ecccsr tool and unzip.
3. Execute the following commands to generate the corresponding file.
sh ecccsr.sh
The command will generate the following four files:
user_ecc_sign.key: It corresponds to the private key of the user certificate. It needs to be securely stored and can be used in SDK.
user_ecc_sign.csr: Used to apply for a user certificate on the TBaaS Console.
user_ecc_tls.key: It corresponds to the private key of the user's TLS certificate. It needs to be securely stored and can be used in SDK.
user_ecc_tls.csr: Used to apply for a user TLS certificate on the TBaaS Console.

Tool Description

The following are the main commands used in the tool:
1. Generate the private key and CSR file corresponding to the user certificate
Generate key pair: The generated temp file is the private key corresponding to the user certificate.
openssl ecparam -name prime256v1 -genkey -out temp
Generate user certificate CSR file: The openssl_user.cnf file used in the command is included in the download tool.
openssl req -batch -config openssl_user.cnf -key temp -new -sha256 -out user_ecc_sign.csr
Convert private key format: Convert the generated temp private key to a pkcs#8 format user_ecc_sign.key file for subsequent configuration and identification in fabric-sdk.
openssl pkcs8 -topk8 -in temp -nocrypt -out user_ecc_sign.key
2. Generate the private key and CSR file corresponding to the user tls certificate.
Generate key pair: The generated temp file is the private key corresponding to the user tls certificate.
openssl ecparam -name prime256v1 -genkey -out temp
Generate user tls certificate CSR file: The openssl_user.cnf file used in the command is included in the download tool.
openssl req -batch -config openssl_user.cnf -key temp -new -sha256 -out user_ecc_tls.csr
Convert private key format: Convert the generated temp private key to a ser_ecc_tls.key file in pkcs#8 format, subsequently used for configuration and identification in fabric-sdk.
openssl pkcs8 -topk8 -in temp -nocrypt -out user_ecc_tls.key

이전 주제: Contract Example다음 주제: Integration Instructions

도움말 및 지원

문제 해결에 도움이 되었나요?

피드백