config-org3.yaml

name: "multiorgledger-network"
#
# Schema version of the content. Used by the SDK to apply the corresponding parsing rules.
#
version: 1.0.0

#
# The client section used by GO SDK.
#
client:

  # Which organization does this application instance belong to? The value must be the name of an org
  # defined under "organizations"
  organization: org3

  logging:
    level: info

  # Global configuration for peer, event service and orderer timeouts
  # if this this section is omitted, then default values will be used (same values as below)
  peer:
    timeout:
      connection: 10s
      response: 180s
      discovery:
        # Expiry period for discovery service greylist filter
        # The channel client will greylist peers that are found to be offline
        # to prevent re-selecting them in subsequent retries.
        # This interval will define how long a peer is greylisted
        greylistExpiry: 10s
  eventService:
    # Event service type (optional). If not specified then the type is automatically
    # determined from channel capabilities.
    type: (deliver)
    # the below timeouts are commented out to use the default values that are found in
    # "pkg/fab/endpointconfig.go"
    # the client is free to override the default values by uncommenting and resetting
    # the values as they see fit in their config file
    timeout:
      connection: 15s
      registrationResponse: 15s
  orderer:
    timeout:
      connection: 15s
      response: 15s
  global:
    timeout:
      query: 180s
      execute: 180s
      resmgmt: 180s
    cache:
      connectionIdle: 30s
      eventServiceIdle: 2m
      channelConfig: 30m
      channelMembership: 30s
      discovery: 10s
      selection: 10m

  # Root of the MSP directories with keys and certs.
  cryptoconfig:
    path: ${GOPATH}/src/multiorgledger/fixtures/crypto-config

  # Some SDKs support pluggable KV stores, the properties under "credentialStore"
  # are implementation specific
  credentialStore:
    path: /tmp/multiorgledger-store

    # [Optional]. Specific to the CryptoSuite implementation used by GO SDK. Software-based implementations
    # requiring a key store. PKCS#11 based implementations does not.
    cryptoStore:
      path: /tmp/multiorgledger-msp

   # BCCSP config for the client. Used by GO SDK.
  BCCSP:
    security:
     enabled: true
     default:
      provider: "SW"
     hashAlgorithm: "SHA2"
     softVerify: true
     level: 256

  tlsCerts:
    # [Optional]. Use system certificate pool when connecting to peers, orderers (for negotiating TLS) Default: false
    enabled: true
    systemCertPool: false

    # [Optional]. Client key and cert for TLS handshake with peers and orderers
    client:
      key:
      cert:
   
# [Optional]. But most apps would have this section so that channel objects can be constructed
# based on the content below. If an app is creating channels, then it likely will not need this
# section.
#
channels:
  # name of the channel
  multiorgledger:
    # Required. list of orderers designated by the application to use for transactions on this
    # channel. This list can be a result of access control ("org3" can only access "ordererA"), or
    # operational decisions to share loads from applications among the orderers.  The values must
    # be "names" of orgs defined under "organizations/peers"
    # deprecated: not recommended, to override any orderer configuration items, entity matchers should be used.
    # orderers:
    #  - orderer.example.com

    # Required. list of peers from participating orgs
    peers:
      peer0.org3.multi.org.ledger.com:
        # [Optional]. will this peer be sent transaction proposals for endorsement? The peer must
        # have the chaincode installed. The app can also use this property to decide which peers
        # to send the chaincode install request. Default: true
        endorsingPeer: true

        # [Optional]. will this peer be sent query proposals? The peer must have the chaincode
        # installed. The app can also use this property to decide which peers to send the
        # chaincode install request. Default: true
        chaincodeQuery: true

        # [Optional]. will this peer be sent query proposals that do not require chaincodes, like
        # queryBlock(), queryTransaction(), etc. Default: true
        ledgerQuery: true

        # [Optional]. will this peer be the target of the SDK's listener registration? All peers can
        # produce events but the app typically only needs to connect to one to listen to events.
        # Default: true
        eventSource: true

      peer1.org3.multi.org.ledger.com:
        # [Optional]. will this peer be sent transaction proposals for endorsement? The peer must
        # have the chaincode installed. The app can also use this property to decide which peers
        # to send the chaincode install request. Default: true
        endorsingPeer: true

        # [Optional]. will this peer be sent query proposals? The peer must have the chaincode
        # installed. The app can also use this property to decide which peers to send the
        # chaincode install request. Default: true
        chaincodeQuery: true

        # [Optional]. will this peer be sent query proposals that do not require chaincodes, like
        # queryBlock(), queryTransaction(), etc. Default: true
        ledgerQuery: true

        # [Optional]. will this peer be the target of the SDK's listener registration? All peers can
        # produce events but the app typically only needs to connect to one to listen to events.
        # Default: true
        eventSource: true
      
    policies:
      #[Optional] options for retrieving channel configuration blocks
      queryChannelConfig:
        #[Optional] min number of success responses (from targets/peers)
        minResponses: 1
        #[Optional] channel config will be retrieved for these number of random targets
        maxTargets: 1
        #[Optional] retry options for query config block
        retryOpts:
          #[Optional] number of retry attempts
          attempts: 5
          #[Optional] the back off interval for the first retry attempt
          initialBackoff: 500ms
          #[Optional] the maximum back off interval for any retry attempt
          maxBackoff: 5s
          #[Optional] he factor by which the initial back off period is exponentially incremented
          backoffFactor: 2.0


#
# list of participating organizations in this network
#
organizations:
  org3:
    mspid: Org3MSP
    cryptoPath: peerOrganizations/org3.multi.org.ledger.com/users/{userName}@org3.multi.org.ledger.com/msp
    peers:
      - peer0.org3.multi.org.ledger.com
      - peer1.org3.multi.org.ledger.com

    # [Optional]. Certificate Authorities issue certificates for identification purposes in a Fabric based
    # network. Typically certificates provisioning is done in a separate process outside of the
    # runtime network. Fabric-CA is a special certificate authority that provides a REST APIs for
    # dynamic certificate management (enroll, revoke, re-enroll). The following section is only for
    # Fabric-CA servers.
    certificateAuthorities:
      - ca.org3.multi.org.ledger.com
    # [Optional]. If the application is going to make requests that are reserved to organization
    # administrators, including creating/updating channels, installing/instantiating chaincodes, it
    # must have access to the admin identity represented by the private key and signing certificate.
    # Both properties can be the PEM string or local path to the PEM file. Note that this is mainly for
    # convenience in development mode, production systems should not expose sensitive information
    # this way. The SDK should allow applications to set the org admin identity via APIs, and only use
    # this route as an alternative when it exists.
    adminPrivateKey:
      path: ${GOPATH}/src/multiorgledger/fixtures/crypto-config/peerOrganizations/org3.multi.org.ledger.com/users/Admin@org3.multi.org.ledger.com/msp/keystore/c07bb745b46ff96b079ea6f5be63ea60cfef2d44f76b8febfc0411a8ca836c53_sk
    signedCert:
      path: ${GOPATH}/src/multiorgledger/fixtures/crypto-config/peerOrganizations/org3.multi.org.ledger.com/users/Admin@org3.multi.org.ledger.com/msp/signcerts/Admin@org3.multi.org.ledger.com-cert.pem  
  
  ordererorg:
      # Membership Service Provider ID for this organization
    mspID: OrdererMSP
      # Needed to load users crypto keys and certs for this org (absolute path or relative to global crypto path, DEV mode)
    cryptoPath: ordererOrganizations/multi.org.ledger.com/users/{username}@multi.org.ledger.com/msp


#
# List of orderers to send transaction and channel create/update requests to. For the time
# being only one orderer is needed. If more than one is defined, which one get used by the
# SDK is implementation specific. Consult each SDK's documentation for its handling of orderers.
#
orderers:
  orderer.multi.org.ledger.com:
    url: grpcs://localhost:7050
    mspid: OrdererMSP

    # these are standard properties defined by the gRPC library
    # they will be passed in as-is to gRPC client constructor
    grpcOptions:
      ssl-target-name-override: orderer.multi.org.ledger.com
      # These parameters should be set in coordination with the keepalive policy on the server,
      # as incompatible settings can result in closing of connection.
      # When duration of the 'keep-alive-time' is set to 0 or less the keep alive client parameters are disabled
      keep-alive-time: 0s
      keep-alive-timeout: 20s
      keep-alive-permit: false
      fail-fast: false
      # allow-insecure will be taken into consideration if address has no protocol defined, if true then grpc or else grpcs
      allow-insecure: false

    tlsCACerts:
      # Certificate location absolute path
      #path: ${GOPATH}/src/multiorgledger/fixtures/crypto-config/ordererOrganizations/multi.org.ledger.com/tlsca/tlsca.multi.org.ledger.com-cert.pem
      path: ${GOPATH}/src/multiorgledger/fixtures/crypto-config/ordererOrganizations/multi.org.ledger.com/orderers/orderer.multi.org.ledger.com/tls/ca.crt
#
# List of peers to send various requests to, including endorsement, query
# and event listener registration.
#
peers:
  peer0.org3.multi.org.ledger.com:
    # this URL is used to send endorsement and query requests
    url: grpcs://localhost:11051
    # eventUrl is only needed when using eventhub (default is delivery service)
    eventUrl: grpcs://localhost:11053

    grpcOptions:
      ssl-target-name-override: peer0.org3.multi.org.ledger.com
      # These parameters should be set in coordination with the keepalive policy on the server,
      # as incompatible settings can result in closing of connection.
      # When duration of the 'keep-alive-time' is set to 0 or less the keep alive client parameters are disabled
      keep-alive-time: 0s
      keep-alive-timeout: 20s
      keep-alive-permit: false
      fail-fast: false
      # allow-insecure will be taken into consideration if address has no protocol defined, if true then grpc or else grpcs
      allow-insecure: false

    tlsCACerts:
      # Certificate location absolute path
      #path: ${GOPATH}/src/multiorgledger/fixtures/crypto-config/peerOrganizations/org3.multi.org.ledger.com/tlsca/tlsca.org3.multi.org.ledger.com-cert.pem
      path: ${GOPATH}/src/multiorgledger/fixtures/crypto-config/peerOrganizations/org3.multi.org.ledger.com/peers/peer0.org3.multi.org.ledger.com/tls/ca.crt

  peer1.org3.multi.org.ledger.com:
    # this URL is used to send endorsement and query requests
    url: grpcs://localhost:12051
    # eventUrl is only needed when using eventhub (default is delivery service)
    eventUrl: grpcs://localhost:12053

    grpcOptions:
      ssl-target-name-override: peer1.org3.multi.org.ledger.com
      # These parameters should be set in coordination with the keepalive policy on the server,
      # as incompatible settings can result in closing of connection.
      # When duration of the 'keep-alive-time' is set to 0 or less the keep alive client parameters are disabled
      keep-alive-time: 0s
      keep-alive-timeout: 20s
      keep-alive-permit: false
      fail-fast: false
      # allow-insecure will be taken into consideration if address has no protocol defined, if true then grpc or else grpcs
      allow-insecure: false

    tlsCACerts:
      # Certificate location absolute path
      #path: ${GOPATH}/src/multiorgledger/fixtures/crypto-config/peerOrganizations/org3.multi.org.ledger.com/tlsca/tlsca.org3.multi.org.ledger.com-cert.pem
      path: ${GOPATH}/src/multiorgledger/fixtures/crypto-config/peerOrganizations/org3.multi.org.ledger.com/peers/peer1.org3.multi.org.ledger.com/tls/ca.crt
  

#
# Fabric-CA is a special kind of Certificate Authority provided by Hyperledger Fabric which allows
# certificate management to be done via REST APIs. Application may choose to use a standard
# Certificate Authority instead of Fabric-CA, in which case this section would not be specified.
#
certificateAuthorities:
  ca.org3.multi.org.ledger.com:
    url: http://localhost:9054

    tlsCACerts:
      # Comma-Separated list of paths
      path: ${GOPATH}/src/multiorgledger/fixtures/crypto-config/peerOrganizations/org3.multi.org.ledger.com/ca/ca.org3.multi.org.ledger.com-cert.pem

    # Fabric-CA supports dynamic user enrollment via REST APIs. A "root" user, a.k.a registrar, is
    # needed to enroll and invoke new users.
    registrar:
      enrollId: admin
      enrollSecret: adminpw
    # [Optional] The optional name of the CA.
    caName: ca.org3.multi.org.ledger.com

entityMatchers:
  peer:
    - pattern: (\w*)peer0.org3.multi.org.ledger.com(\w*)
      urlSubstitutionExp: grpcs://localhost:11051
      eventUrlSubstitutionExp: grpcs://localhost:11053
      sslTargetOverrideUrlSubstitutionExp: peer0.org3.multi.org.ledger.com
      mappedHost: peer0.org3.multi.org.ledger.com

    - pattern: (\w*)peer1.org3.multi.org.ledger.com(\w*)
      urlSubstitutionExp: grpcs://localhost:12051
      eventUrlSubstitutionExp: grpcs://localhost:12053
      sslTargetOverrideUrlSubstitutionExp: peer1.org3.multi.org.ledger.com
      mappedHost: peer1.org3.multi.org.ledger.com

  orderer:
    - pattern: (\w+).multi.org.ledger.com.(\w+)
      urlSubstitutionExp: grpcs://localhost:7050
      sslTargetOverrideUrlSubstitutionExp: orderer.multi.org.ledger.com
      mappedHost: orderer.multi.org.ledger.com

  certificateAuthorities:
    - pattern: (\w+).org3.multi.org.ledger.com(\w*)
      urlSubstitutionExp: http://localhost:9054
      sslTargetOverrideUrlSubstitutionExp: ca.org3.multi.org.ledger.com
      mappedHost: ca.org3.multi.org.ledger.com