From 557dec4da0be0ab06ab2b4257cc45ead1057aec4 Mon Sep 17 00:00:00 2001 From: Genady Gurevich Date: Wed, 21 Jan 2026 17:16:19 +0200 Subject: [PATCH 1/3] saving Signed-off-by: Genady Gurevich From c84bb0f9bb8ada813d4d98e4d29fe1748c0bbf9b Mon Sep 17 00:00:00 2001 From: Genady Gurevich Date: Wed, 21 Jan 2026 17:16:19 +0200 Subject: [PATCH 2/3] saving Signed-off-by: Genady Gurevich From f9cd9d3f2a66ea5ec5549b3c1a4c53723c43299d Mon Sep 17 00:00:00 2001 From: Genady Gurevich Date: Wed, 21 Jan 2026 17:16:19 +0200 Subject: [PATCH 3/3] Push config update (Integration tests - reconfiguration #247) Signed-off-by: Genady Gurevich --- test/send_config_update_test.go | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/test/send_config_update_test.go b/test/send_config_update_test.go index 45052566..4b4b11a8 100644 --- a/test/send_config_update_test.go +++ b/test/send_config_update_test.go @@ -1423,6 +1423,11 @@ func TestChangePartyCACertificates(t *testing.T) { // 6. configUpdateBuilder, _ = configutil.NewConfigUpdateBuilder(t, dir, newConfigBlockPath) + oldUC, err := testutil.GetUserConfig(dir, partyToUpdate) + require.NoError(t, err) + oldSigner, oldCertBytes, err := testutil.LoadCryptoMaterialsFromDir(t, oldUC.MSPDir) + require.NoError(t, err) + // Override the party's crypto materials with the new ones regenerated dstDir := filepath.Join(dir, "crypto", "ordererOrganizations", updateOrg) err = os.RemoveAll(dstDir) @@ -1474,8 +1479,6 @@ func TestChangePartyCACertificates(t *testing.T) { totalTxNumber++ } - broadcastClient.Stop() - pullRequestSigner = signutil.CreateTestSigner(t, submittingOrg, dir) statusUnknown = common.Status_UNKNOWN // Pull blocks to verify all transactions are included @@ -1488,6 +1491,14 @@ func TestChangePartyCACertificates(t *testing.T) { Status: &statusUnknown, Signer: pullRequestSigner, }) + + // Try sending a transaction with the old certificate which should fail as the old cert is no longer trusted by the network + txContent := tx.PrepareTxWithTimestamp(totalTxNumber, 64, []byte("sessionNumber")) + env = tx.CreateSignedStructuredEnvelope(txContent, oldSigner, oldCertBytes, fmt.Sprintf("org%d", partyToUpdate)) + err = broadcastClient.SendTx(env) + require.ErrorContains(t, err, "signature did not satisfy policy", "expected error when sending transaction with old certificate after CA rotation, but got no error") + + broadcastClient.Stop() } type copyPredicate func(path string, d os.DirEntry) bool