Welcome to the Linux Foundation Forum!

LAB 8: Peers approved but cannot commit

I managed to approve both peer organizations for the OR endorsement policy under the try it yourself section. However, when trying to commit, I get this error:

Error: proposal failed with status: 500 - failed to invoke backing implementation of 'CommitChaincodeDefinition': chaincode not agreed to by this org (Org2MSP)

My environment variables are set to Org2MSP:

export CORE_PEER_ADDRESS=peer0.org2.example.com:7051
export CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.crt
export CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.key
export CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/[email protected]/msp


  • I met this issue too. Anyone get this through?

  • zhasni
    zhasni Posts: 1

    Hi I'm stuck at the same point

    Lab 08 page 12 of the PDF at Chaincode Initialization

    I have my chaincode sacc v1.0 sequence 2 commited with the custom endorsement policy (OR)

    I can Invoke this chaincode with only 1 peer like this :
    peer chaincode invoke -o orderer.example.com:7050 --tls --cafile $ORDERER_TLS_CA -C allarewelcome -n sacc --peerAddresses $CORE_PEER_ADDRESS --tlsRootCertFiles $CORE_PEER_TLS_ROOTCERT_FILE -c '{"function":"set","args":["key2", "value2"]}' --waitForEvent
    So I know my endorsement policy as been updated correctly.

    But I cannot approve the sequence 3

    Why does it ask for 2 approval since the EP has been updated to OR ?
    And why it's still showing false to the approval ?

    I tried to change the ENV variables to bootstrap the peer0 of org1 then org2 -> nothing

    I tried to add this option --signature-policy "OR('Org1MSP.peer', 'Org2MSP.peer')" -> still nothing

    Any Ideas ?

    I'll try to do it again but to not change the endorsement policy to see what happen.

  • Bobbijn
    Bobbijn Posts: 186

    @TriumphS, @zhasni, @samuelslleung
    Hello, The best description of the process by which chaincode is administered can be found in LFS272 Chapter 9 Section CHAINCODE LIFECYCLE AND PRIVATE DATA in the peer lifecycle chaincode install ,_ peer lifecycle chaincode approveformyorg_ and peer lifecycle chaincode commit sections of the text. If you need to dive further I can suggest joining the Tech study circle, an open to the public group, that meets every two weeks to discuss learning experiences, clear doubts, educate each other and discuss various Hyperledger certifications currently available. The next session is March 12 and the Zoom and time zone information can be found here: https://www.meetup.com/Hyperledger-Sweden/events/275744230/ The agenda happens to be a chaincode deep dive.
    Bobbi Muscara
    Ledger Academy

  • Finally I got it through. What I did is:
    1. I use Mac and native Docker. I followed advice online to turn off gRPC FUSE.
    2. Make sure all bootstraps go well and all processes of peer lifecycle chaincode install, approveformyorg and commit are done with both peer0 org1 and org2. If anything goes wrong, gotta fix it before move on. otherwise start from scratch :(
    3. Make sure export CC_PACKAGE_ID= the PACKAGE_ID is entered correctly. It includes sacc1.0:xxxx.
    4. peer lifecycle chaincode checkcommitreadiness to confirm approvals are true for both MSPs
    5. After upgrade, use --init-required when approveformyorg

    If it goes smooth without getting messed on those commands and parameters, the invoke command could be executed well. I can make several times of upgrade and add new key-value pair in each version. Good luck!

  • Bobbijn
    Bobbijn Posts: 186

    Thanks for this information! :)

  • Stuck exactly at the same error @TriumphS . Cannot commit sequence 2, even when is approved by both Org1MSP and Org2MSP

  • Bobbijn
    Bobbijn Posts: 186

    @angelparrales Hello, lets see if we can get to the bottom of this. Did you complete the section (on page 11) that checks whether channel members have approved the new chaincode definition that contains the endorsement policy?

    peer lifecycle chaincode checkcommitreadiness --channelIDallarewelcome --name sacc --version 1.0 --sequence 2 --output json--signature-policy "OR('Org1MSP.peer', 'Org2MSP.peer')"

    "approvals": {
    "Org1MSP": false,
    "Org2MSP": true

    This might be the point we can see why the commit sequence 2 is not being approved. Let me know if this helps. Keep on Learning.

  • angelparrales
    angelparrales Posts: 10
    edited April 2021

    Yes @Bobbijn I completed that section on page 11, and then made the **Try it yourself **


    export CORE_PEER_ADDRESS=peer0.org1.example.com:7051

    export CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt

    export CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key

    export CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt

    export CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/[email protected]/msp

    peer lifecycle chaincode approveformyorg -o orderer.example.com:7050 --tls --cafile $ORDERER_TLS_CA --channelID allarewelcome --name sacc --version 1.0 --package-id $CC_PACKAGE_ID --sequence 2 --signature-policy "OR('Org1MSP.peer', 'Org2MSP.peer')"

    2021-04-02 00:13:10.757 UTC [chaincodeCmd] ClientWait -> INFO 001 txid [4ac853153342e27639d84da861f569b66c24e399f35befc9d0628e5a9910a39f] committed with status (VALID) at peer0.org1.example.com:7051

    peer lifecycle chaincode checkcommitreadiness --channelID allarewelcome --name sacc --version 1.0 --sequence 2 --output json --signature-policy "OR('Org1MSP.peer', 'Org2MSP.peer')"
    "approvals": {
    "Org1MSP": true,
    "Org2MSP": true

  • Bobbijn
    Bobbijn Posts: 186

    @angelparrales , Still trying to determine the cause of the error, will get back when I have more information. Bobbi

  • Ok thanks

  • @Bobbijn any update ?

  • Bobbijn
    Bobbijn Posts: 186

    @angelparrales Hello, Still trying to determine the best way we can get to the bottom of this situation. Have you tried the solution samuelslleung posted on March 4th? Bobbi

  • This is the command I enter:

    bash-5.0# peer lifecycle chaincode commit -o orderer.example.com:7050 --tls --cafile $ORDERER_TLS_CA --channelID allarewelcome --name sacc --version 1.0 --sequence 2 --peerAddresses $CORE_PEER_ADDRESS --tlsRootCertFiles $CORE_PEER_TLS_ROOTCERT_FILE --peerAddresses peer0.org1.example.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt

    And This is the result:

    Error: proposal failed with status: 500 - failed to invoke backing implementation of 'CommitChaincodeDefinition': chaincode definition not agreed to by this org (Org1MSP)

    I can't see what is wrong here

  • Bobbijn
    Bobbijn Posts: 186


    Hello, I have a resource you can use to gain more information about the issue you are experiencing( [email protected] ) . I am hosting the Learning Material Working Group call today and will bring up your issue during the call. Please feel free to join the call, details can be found here: https://wiki.hyperledger.org/display/LMDWG/Learning+Materials+Development+Working+Group


  • Thanks for the invitation, joined the group. Could not make it to the call.

  • Zaxhary
    Zaxhary Posts: 1
    edited July 2021

    I ran into this error today. I had successfully done this in the past and I did not understand how i got this error.
    Some one would have to double check IMAGE_TAG=2.3
    I reverted my lab08 to IMAGE_TAG=2.2
    But i noticed that my CC_PACKAGE_ID value was missing characters the second time I went through the lab.
    bash-5.1# peer lifecycle chaincode queryinstalled Installed chaincodes on peer: Package ID: sacc_1.0:5562f868f6fd43ff8873f403aa52bc6928161fec933065d0b81e2193f6038bd0, Label: sacc_1.0
    in my terminal the last 3 digits were on the next line and i missed the copy, which pasted the wrong package-id.

    Iff your terminal is too small the rest of the package id is on the following line when you copy from command line..
    good luck!

  • I have encountered the exact same problem, and none of these solutions work. What is the proper way to abort the changes? I can not seem to correct the problem, and in a production system, simply deleting the network and starting over is not an acceptable solution.

  • Bobbijn
    Bobbijn Posts: 186

    @brentbrownfield, Let see if we can work through this. The Labs are set up to run in order, so If an error exists from a previous exercise it will affect current exercises. It is best to start the lab from the beginning making sure all the steps run properly. To make changes in a production environment Hyperledger offers real-time support by the project maintainers. Join the Mailing list at: https://lists.hyperledger.org/g/fabric. You can ask the project maintainers questions about the production environment here.

    Hope this Helps, Bobbi

  • @Bobbijn I have run the labs in order, just as everyone else has done. I have run into the same problem. This would indicate there is something missing in the instructions if a number of people cannot arrive at the correct solution.

    Again with no explanation as to why this happens and how to solve it without starting over, this lab and course seems useless and I can't see how this prepares anyone for a certification exam.

    A simple explanation as to how and why this problem occurs should be provided.

  • Running from the beginning of lab 8 works up until after adding the custom endorsement policy. I successfully executed the endorsement policy, including approving on both Org1 and Org2, specifying the signature policy in both the approve and commit. I do not see any way to verify that the policy was properly set.

    I then proceed to section Chaincode Initialization and run the following commands exactly as outlined in the document, and it still fails.

    bash-5.0# peer lifecycle chaincode approveformyorg -o orderer.example.com:7050 --tls --cafile $ORDERER_TLS_CA --channelID allarewelcome --name sacc --version 1.0 --package-id $CC_PACKAGE_ID --sequence 3 --init-required
    2021-12-08 18:15:25.726 UTC [chaincodeCmd] ClientWait -> INFO 001 txid [8ff32b4faa8b23bce09ff4c0fb46cfcddfb81dd71d32e2f2297b8331927745d8] committed with status (VALID) at peer0.org2.example.com:7051


    bash-5.0# peer lifecycle chaincode checkcommitreadiness --channelID allarewelcome --name sacc --version 1.0 --sequence 3 --output json --signature-policy "OR('Org1MSP.peer', 'Org2MSP.peer')"
            "approvals": {
                    "Org1MSP": false,
                    "Org2MSP": false

    Does the signature policy need to be specified here as well or only up until it is committed? It seems something crucial is left out of the training course and left up to the user to figure out.

    The course material states:

    As discussed previously in this lab, one more approval is required before the new chaincode
    definition can be committed and becomes active on the channel. We leave doing so (and
    invoking the chanincode) as an exercise to the reader

    Is it mandatory to invoke the chaincode after approving for Org1 & committing?

  • I was finally able to resolve my issue specifying both --signature-policy <args> and --init-required on all of the commands shown above as well as the commit.

  • Bobbijn
    Bobbijn Posts: 186

    Great job! I will make note of this solution and pass it on to other learners experiencing the same issue.

  • I got stuck with same problem, non of the above seem to work. Even though with checkcommitreadiness i get :

    peer lifecycle chaincode checkcommitreadiness --channelID allarewelcome --name sacc --version 1.0 --sequence 2 --init-required --output json --signature-policy "OR('Org1MSP.peer', 'Org2MSP.peer')"
        "approvals": {
            "Org1MSP": true,
            "Org2MSP": true

    The commit still fails for both orgs (Org1MSP and Org2MSP):

    peer lifecycle chaincode commit -o orderer.example.com:7050 --tls --cafile $ORDERER_TLS_CA --channelID allarewelcome --name sacc --init-required --version 1.0 --sequence 2 --peerAddresses $CORE_PEER_ADDRESS --tlsRootCertFiles $CORE_PEER_TLS_ROOTCERT_FILE
    Error: proposal failed with status: 500 - failed to invoke backing implementation of 'CommitChaincodeDefinition': chaincode definition not agreed to by this org (Org1MSP)

    I'm confused by the err message. It the output of checkcommitreadiness is true for all orgs, what does definition not agreed by this org means?

  • Ok, so I needed to add --signature-policy "OR('Org1MSP.peer', 'Org2MSP.peer')" to my commit command, like so:

    peer lifecycle chaincode commit \
    -o orderer.example.com:7050 \
    --tls --cafile $ORDERER_TLS_CA \
    --channelID allarewelcome \
    --name sacc \
    --version 1.0 \
    --sequence 2 \
    --peerAddresses $CORE_PEER_ADDRESS \
    --tlsRootCertFiles $CORE_PEER_TLS_ROOTCERT_FILE \
    --peerAddresses peer0.org1.example.com:7051 \
    --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt \
    --signature-policy "OR('Org1MSP.peer', 'Org2MSP.peer')"
  • Bobbijn
    Bobbijn Posts: 186

    @msalimbene, Thanks for your patience, we are updating the course material to include the missing commands. Keep on learning. Bobbi


Upcoming Training