Deploy Hyperledger Fabric CA (Local)


1 min read

Follow in the following order:

  1. Deploy the TLS CA, responsible for generating certificates that secure communication between all nodes in the organization.

  2. Deploy the organization's CA, for the organization's identity enrollment CA and used it to register and enroll the identities that will participate in the network from this organization.

  3. Deploy the intermediate CA, so security perspective.

Create a folder name fabric-ca-client and go to and choose the right architect and download. After downloading, go to bin -> copy the fabric-ca-client binary file to fabric-ca-client the folder. Then create the following subfolder in it:

  • int-ca

  • org1-ca

  • tls-ca

  • tls-root-cert

In which, tls-ca store certificates that are issued when the Fabric CA client enroll command is run against the TLS CA serer to enroll the TLS CA admin identity. tls-root-cert storing TLS CA root certificate.

Deploy an organization CA

TLS CA issues TLS certificates that allow for secure transactions within an organization (how about cross-organization).

Organization CA referred to as the "enrollment CA" or the eCert CA is used to issue identities for the organization.