What is diffrence between enrolling and registering a certificate in Hyperledger fabric CA
So from what i understand when you "enrol" an identity you get the certificates and private keys for it. When you "register" the identity, you are simply creating the user name and password for that identity with the CA server.
The certificates that the cryptogen tool generate are not any different to the ones generated by the Fabric CA, the cryptogen tool is there for convenience in development. It should not be used in a live / production environment. Under the hood the cryptogen tool actually spins up a fabric ca server locally.
Here is a link to the latest documentation for Fabric CA:
https://hyperledger-fabric-ca.readthedocs.io/en/latest/
Registering identity means adding its details in Fabric CA.
Enrolling means process when registered identity connects to CA and sends Certificate Signing Request (CSR) to it. CA checks if the identity is registered and performs some other validations, if checks are successful then it returns signed certificate to the identity. Since the certificate is signed by CA trusted by blockchain network, the identity has now means to interact with the network using this certificate.
So, to make the identity being able to interact with the network it must pass two steps in this particular sequence:
- Be registered on CA
- Be enrolled
Admin is preregistered in CA using when it is started
fabric-ca-server start -b admin:adminpw
The details are here: https://hyperledger-fabric-ca.readthedocs.io/en/release-1.4/users-guide.html
also you can refer to source