Strong identities – the key to the security of the Hyperledger Fabric network
Strong identities are at the heart of Hyperledger Fabric security. Creating, managing, and revoking these identities is critical to the operational security of Hyperledger Fabric-based deployment. The identities are issued by a MSP. As shown in the previous Hyperledger Fabric architecture diagram, one logical MSP is typically associated with one peer. An MSP can issue any appropriate cryptographically signed identities. Hyperledger Fabric ships with a default MSP, (Fabric CA), which issues X.509 certificates to the authenticated entities.
Bootstrapping Fabric CA
Fabric CA can be configured with a LDAP server or run in a standalone mode. When running in a standalone mode, it must be configured with a bootstrap identity that gets stored in the backend database of Fabric CA. By default, a SQLite database is used but, for production usages, a PostgreSQL or a MySQL database can be configured. Typically, the connection...