https://github.com/hyperledger/fabric-ca/blob/release-1.2/swagger/swagger-fabric-ca.json
Using the above link as reference, I've success with the cainfo method (using localhost:27054/api/v1/cainfo). However, when it comes to registering and enrolling a user, it require an authentication token in the header. This token comprises two base64-encoded segments separated by a period:
- An enrollment certificate.
- A signature over the certificate and the body of the request.
My question is from where I will get the enrollment certificate and perform the signature over it.
Note - I'm exploring the fabric-samples/token-sdk code and attempting to register and enroll users through the fabric-ca REST API.
This is what is expected:
{ "name": "Authorization", "in": "header", "description": "An enrollment token consisting of two base 64 encoded parts separated by a period: \n an enrollment certificate; \n a signature over the certificate and body of request.**", "required": true, "type": "string" }
You would typically use a (previously registered/enrolled) admin identity for the organization to register organization users. The Fabric CA is initially created with a CA admin identity that can be used to register new identities, including admin identities. The enrollment name and secret for the CA admin identity are specified when the CA is initalized. See here for details:
https://hyperledger-fabric-ca.readthedocs.io/en/latest/deployguide/cadeploy.html#initialize-the-tls-ca-server
The code within the Fabric CA client for generating the auth token is here. It seems that the auth token is
certificate.signature, where:certificateis the base64-encoded certificate PEM of the signer.signatureis the base64-encoded signature over a payload.The payload is composed of
method.uri.body.certificate, where:methodis the HTTP method.uriis the base64-encoded request URI.bodyis the base64-encoded JSON request body.certificateis the base64-encoded certificate PEM of the signer.