1

I am working in a company where we are using the hyperledger fabric to build our application. we have been using the fabric CA till now. Now for the production phase we are planning to move to third party ca provider.

I have read the documentation of the Fabric CA (https://hyperledger-fabric-ca.readthedocs.io/en/release-1.4/) for understanding how it works. I have been looking in the Stackoverflow Fabric tag (https://stackoverflow.com/questions/tagged/hyperledger-fabric) if i could find some relevant solution but i wasn't able to find it.

raza sikander
  • 143
  • 13

1 Answers1

2

Yes you can use other ca providers, as long as they give the x.509 certificates you can use them. In the end what the fabric CA does is:

registration of identities, or connects to LDAP as the user registry

issuance of Enrollment Certificates (ECerts)

certificate renewal and revocation

You can use other providers such as hashicorp vault.

https://learn.hashicorp.com/vault/secrets-management/sm-pki-engine

Bentipe
  • 423
  • 3
  • 17
  • Is there any link which you can provide me for how to use other ca provider instead of fabric ca – raza sikander Aug 28 '19 at 01:45
  • check the docs https://hyperledger-fabric-ca.readthedocs.io/en/release-1.4/users-guide.html#overview - also this Stack overflow answer (items 2 and 3) may be of guidance https://stackoverflow.com/questions/46557907/how-to-implement-fabric-ca-or-third-party-ca-in-hyperledger-fabric/46781188#46781188 – Paul O'Mahony Aug 28 '19 at 08:06
  • @PaulO'Mahony so it is same like setting up the fabric-ca instead setting up 3rdparty or custom ca directly? – raza sikander Aug 29 '19 at 04:12
  • 1
    Yeah, thanks to the modularity of hyperledger fabric you can plug and unplug, as long as you have the required certificates. Of course, you are not going to be able to use the sdk and other main fabric functions related to fabric CA. – Bentipe Aug 29 '19 at 08:26
  • @Bentipe okay i will look into it. Will try to do it and will let you know. – raza sikander Aug 29 '19 at 11:00
  • 1
    I got some resource which is helpful for me and it might help others too https://developer.ibm.com/tutorials/hyperledger-fabric-kubernetes-cluster-tls-rhel/ I was going over and found this. – raza sikander Sep 03 '19 at 04:57