Fabric Certificate Authority (Fabric-CA) issues the identity to users, peers, ordering service nodes, and all the other components, which requires identity across the network. There are many ways to implement the certificate authority, and one of the ways is a Fabric-CA, and another way is called IDE mixer.
The fabric CA is attached to the root certificate authority, and it may have multiple hierarchical levels. A database is used for high availability, and it supports high availability characteristics such that if one part goes down still, it will be functional. It can also be connected to other identity management mechanisms like LDAP.
By default, certificate authority within fabric network issues long team identity (Ecerts) to all the components, and associated private keys are stores securely using hardware service modules.
References
- NPTEL lecture series on Blockchains Architecture, Design and Use Cases by Prof. Sandip Chakraborty, IIT Kharagpur.
260 total views, 1 views today