Restart Fabric CA server. This time we don’t use -b switch since we have a fabric-ca-server-config.yaml from previous run. Even if we used -b switch it will be ignored.

note that it says

2020/03/27 10:38:13 [INFO] The CA key and certificate already exist

so its picking up the key and certificate from previous run.

Register a new user tom

The register command can only be executed by a registrar – only a registrar can register new users.

when fabric-ca-client is run, it runs under identity of a user (except when enrolling a user). This identity is picked from from $FABRIC_CA_CLIENT_HOME/msp by default. This can be overridden using -M switch.

Enroll tom. his credentials will be saved under $PWD/tom. During this time the -M switch acts differently. This time -M switch is used to specify the location where tom’s credentials should be stored.

Next the registrar can check if a user already exists in the CA db using fabric-ca-client identity list command

and retrieve his X.509 certificate if needed using fabric-ca-client certificate list command

if you run above commands with tom’s identity they will fail as tom is not a registrar.

PS: My book on Programming Hyperledger Fabric.