BCOS之国密链部署WeBase问题

2020年12月24日17:34:09BCOS评论490阅读模式

1.generator工具生成链,启用加密类型为国密,SSL也为国密,出现ssl handshake failed报错

问题描述:

WeBase一键安装启动后,发现5002端口没有起来

# Encrypt type (0: standard, 1: guomi) 
encrypt.type=1 
# ssl encrypt type (0: standard ssl, 1: guomi ssl) 
# only guomi type support guomi ssl 
encrypt.sslType=1

查看 webase-front目录下log

2020-12-23 15:42:53.819 [main] ERROR ChannelConnections() -  all connections have failed, [ ssl handshake failed:/0.0.0.0:20200]
2020-12-23 15:42:53.819 [main] ERROR Service() -  service init failed, error message:  Failed to connect to nodes: [ ssl handshake failed:/0.0.0.0:20200]The reasons for failure may be: 
	1. the configured certificate is not the same set of certificates as the node's certificate; 
	2. the configured certificate is not issued by the same authority as the node's certificate. 
	Please refer to https://fisco-bcos-documentation.readthedocs.io/zh_CN/latest/docs/sdk/java_sdk.html#id24

查看端口发现5002,5004均为启动成功

解决思路:

后来发现是链的问题,因为链是通过generator工具生成,节点的config.ini中sm_crypto_channel为false,而要整链 功使用国密算法,需要下面两个变量都为true

sm_crypto = true
sm_crypto_channel = true

而generator似乎没有提供更改的方法,因此更改generator中配置文件。

解决方法:

研究generator脚本发现国密启动后节点的配置文件是拷贝./tpl/config.ini.gm,因此需要手动或使用脚本将该文件中sm_crypto_channel置为true,generator会自动将该文件copy给节点文件,比较省事。

需要删除原来generator生成的链以及WeBase,再重新部署安装,问题解决。

2.nginx问题,[emerg] open() "/etc/nginx/mime.types"。

问题描述:

==============      Starting WeBASE-Web       ==============
Traceback (most recent call last):
  File "deploy.py", line 106, in <module>
    do()
  File "deploy.py", line 25, in do
    commBuild.do()
  File "/root/develop/webase-deploy/comm/build.py", line 22, in do
    installWeb()
  File "/root/develop/webase-deploy/comm/build.py", line 239, in installWeb
    startWeb()
  File "/root/develop/webase-deploy/comm/build.py", line 263, in startWeb
    res2 = doCmd("sudo " + res["output"] + " -c " + nginx_config_dir)
  File "/root/develop/webase-deploy/comm/utils.py", line 108, in doCmd
    raise Exception("execute cmd  error ,cmd : {}, status is {} ,output is {}".format(cmd,status, output))
Exception: execute cmd  error ,cmd : sudo /usr/bin/nginx -c /root/develop/webase-deploy/comm/nginx.conf, status is 1 ,output is nginx: [emerg] open() "/etc/nginx/mime.types" failed (2: No such file or directory) in /root/develop/webase-deploy/comm/nginx.conf:13

解决思路:

这是由于该web应用nginx配置中找不到/etc/nginx/mime.types。

解决方法:

find / -name mime.types

显示地址为

/www/server/nginx/conf/mime.types

修改nginx.conf

vim /root/develop/webase-deploy/comm/nginx.conf

将报错位置处

include       /etc/nginx/mime.types;
改为
include       /www/server/nginx/conf/mime.types;

重新启动即可:

python deploy.py startAll

 

 

 

 

BCOS最后更新:2021-1-22