Class: FabricCAClient

FabricCAClient

Client for communciating with the Fabric CA APIs

new FabricCAClient(connect_opts)

constructor
Parameters:
Name Type Description
connect_opts object Connection options for communicating with the Fabric CA server
Properties
Name Type Description
protocol string The protocol to use (either HTTP or HTTPS)
hostname string The hostname of the Fabric CA server endpoint
port number The port of the Fabric CA server endpoint
tlsOptions TLSOptions The TLS settings to use when the Fabric CA endpoint uses "https"
caname string The optional name of the CA. Fabric-ca servers support multiple Certificate Authorities from a single server. If omitted or null or an empty string, then the default CA is the target of requests
Throws:
Will throw an error if connection options are missing or invalid

Methods


enroll(enrollmentID, enrollmentSecret, csr, profile, attr_reqs)

Enroll a registered user in order to receive a signed X509 certificate
Parameters:
Name Type Description
enrollmentID string The registered ID to use for enrollment
enrollmentSecret string The secret associated with the enrollment ID
csr string PEM-encoded PKCS#10 certificate signing request
profile string The profile name. Specify the 'tls' profile for a TLS certificate; otherwise, an enrollment certificate is issued.
attr_reqs Array.<AttributeRequest> An array of AttributeRequest
Throws:
  • Will throw an error if all parameters are not provided
  • Will throw an error if calling the enroll API fails for any reason
Returns:
Type
Promise

newAffiliationService()

Create a new AffiliationService instance
Returns:
instance
Type
AffiliationService

newCertificateService()

Create a new CertificateService instance
Returns:
instance
Type
CertificateService

newIdentityService()

Creates a new IdentityService instance
Returns:
instance
Type
IdentityService

reenroll(csr, signingIdentity, attr_reqs)

Re-enroll an existing user.
Parameters:
Name Type Description
csr string PEM-encoded PKCS#10 certificate signing request
signingIdentity SigningIdentity The instance of a SigningIdentity encapsulating the signing certificate, hash algorithm and signature algorithm
attr_reqs Array.<AttributeRequest> An array of AttributeRequest
Returns:
Type
Promise

register(enrollmentID, enrollmentSecret, role, affiliation, maxEnrollments, attrs, signingIdentity)

Register a new user and return the enrollment secret
Parameters:
Name Type Description
enrollmentID string ID which will be used for enrollment
enrollmentSecret string Optional enrollment secret to set for the registered user. If not provided, the server will generate one. When not including, use a null for this parameter.
role string Optional type of role for this user. When not including, use a null for this parameter.
affiliation string Affiliation with which this user will be associated
maxEnrollments number The maximum number of times the user is permitted to enroll
attrs Array.<KeyValueAttribute> Array of key/value attributes to assign to the user
signingIdentity SigningIdentity The instance of a SigningIdentity encapsulating the signing certificate, hash algorithm and signature algorithm
Returns:
The enrollment secret to use when this user enrolls
Type
Promise

revoke(enrollmentID, aki, serial, reason, signingIdentity)

Revoke an existing certificate (enrollment certificate or transaction certificate), or revoke all certificates issued to an enrollment id. If revoking a particular certificate, then both the Authority Key Identifier and serial number are required. If revoking by enrollment id, then all future requests to enroll this id will be rejected.
Parameters:
Name Type Description
enrollmentID string ID to revoke
aki string Authority Key Identifier string, hex encoded, for the specific certificate to revoke
serial string Serial number string, hex encoded, for the specific certificate to revoke
reason string The reason for revocation. See https://godoc.org/golang.org/x/crypto/ocsp for valid values
signingIdentity SigningIdentity The instance of a SigningIdentity encapsulating the signing certificate, hash algorithm and signature algorithm
Returns:
The revocation results
Type
Promise