Published on

Setting up Certs for Hyperledger Fabric on Kubernetes


Hyperledger Fabric requires that elliptic curve certs are set up in order to start the Fabric network. You can generate the certs yourself outside of Fabric using for example HashiCorp's Vault unfortunately Vault does not currently let you specify a cert with custom attributes.

Fabric does provide a CA component together with the other Fabric components. You can use Fabric's CA to generate the required certs. Unfortunately this CA configuration is not very well documented. There is a Helm chart for this which can be found here. You do not need to use the Helm chart but what you can do is firstly add the Helm repo that contains it:

  • helm repo add stable

Then download a tar of the chart locally:

  • helm fetch stable/hlf-ca --version 1.0.10

Untar the file that is downloaded and look in the charts folder. In there look for the common config map and copy the contents to a new file. Then modify the template parts of that to suit your cluster's needs.