I am trying to run Hyperledger fabric peer with SoftHSM enabled. Fabric-ca-server is already running with SoftHSM enabled and all the certificates are generated with HSM enabled.
Initially, when I was trying to run fabric-ca-server it was throwing the same error Could not find defaultPKCS11BCCSP.
Then I found some people suggesting to make build from source code and it fixed that error.
Now I am facing the same error when I run peer node start command to bootstrap peer.
The BCCSP content on core.yaml is below:
# BCCSP (Blockchain crypto provider): Select which crypto implementation or
# library to use
BCCSP:
Default: PKCS11
# Settings for the SW crypto provider (i.e. when DEFAULT: SW)
SW:
# TODO: The default Hash and Security level needs refactoring to be
# fully configurable. Changing these defaults requires coordination
# SHA2 is hardcoded in several places, not only BCCSP
Hash: SHA2
Security: 256
# Location of Key Store
FileKeyStore:
# If "", defaults to 'mspConfigPath'/keystore
KeyStore:
# Settings for the PKCS#11 crypto provider (i.e. when DEFAULT: PKCS11)
PKCS11:
# Location of the PKCS11 module library
Library: /usr/local/lib/softhsm/libsofthsm2.so
# Token Label
Label: ForFabric
# User PIN
Pin: 98765432
Hash: SHA2
Security: 256
FileKeyStore:
KeyStore: /home/akshay/dev/fabric-ca/fabric-ca-client/peerOrg/msp/keystore
The error when I run peer node start:
$ peer node start
2018-12-28 14:48:50.508 IST [main] InitCmd -> ERRO 001 Cannot run peer because error when setting up MSP of type bccsp from directory /home/akshay/dev/fabric-ca/fabric-ca-client/peerOrg/msp: could not initialize BCCSP Factories: Failed initializing BCCSP.: Could not initialize BCCSP SW [Failed to initialize software key store: An invalid KeyStore path provided. Path cannot be an empty string.]
Could not find default `PKCS11` BCCSP
I am using the following peer version:
$ peer version
peer:
Version: 1.4.0
Commit SHA: 9cd9fce
Go version: go1.11.2
OS/Arch: linux/amd64
Chaincode:
Base Image Version: 0.4.14
Base Docker Namespace: hyperledger
Base Docker Label: org.hyperledger.fabric
Docker Namespace: hyperledger
There were two issues:
1) Make sure to delete the SW: section under BCCSP in core.yaml
2) By default, the peer binary and Docker image are both built without support for PCKS11. You can build the peer binary yourself using GO_TAGS=pkcs11 make peer