I am trying to set up chaincode as an external service using HF v2.0. When it comes to the release stage of the external builder, a connection.json file is provided as follows:
{
"address": "your.chaincode.host.com:9999",
"dial_timeout": "10s",
"tls_required": "true",
"client_auth_required": "true",
"client_key": "-----BEGIN EC PRIVATE KEY----- ... -----END EC PRIVATE KEY-----",
"client_cert": "-----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----",
"root_cert": "-----BEGIN CERTIFICATE---- ... -----END CERTIFICATE-----"
}
From the context, I figure the client refers to the chaincode service itself, as it's provided as part of the chaincode package. If it is true, for the security reason, should the client_key and client_cert be removed from the configuration? Because for a peer node, it only needs to have a copy of the root_cert from the chaincode service.