bitxhub/scripts/quick_start/config-template.yaml

version: 1.0.0

client:

  # Which organization does this application instance belong to? The value must be the name of an org
  # defined under "organizations"
  organization: org2

  logging:
    level: info


  # Root of the MSP directories with keys and certs.
  cryptoconfig:
    path: ${CONFIG_PATH}/crypto-config

  # Some SDKs support pluggable KV stores, the properties under "credentialStore"
  # are implementation specific
  credentialStore:
    # [Optional]. Used by user store. Not needed if all credentials are embedded in configuration
    # and enrollments are performed elswhere.
    path: "/tmp/state-store"

    # [Optional]. Specific to the CryptoSuite implementation used by GO SDK. Software-based implementations
    # requiring a key store. PKCS#11 based implementations does not.
    cryptoStore:
      # Specific to the underlying KeyValueStore that backs the crypto key store.
      path: /tmp/msp

    # BCCSP config for the client. Used by GO SDK.
  BCCSP:
    security:
      enabled: true
      default:
        provider: "SW"
      hashAlgorithm: "SHA2"
      softVerify: true
      level: 256

  tlsCerts:
    #[Optional]. Use system certificate pool when connecting to peers, orderers (for negotiating TLS) Default: false
    systemCertPool: true

    #[Optional]. Client key and cert for TLS handshake with peers and orderers
    client:
      key:
        path: ${CONFIG_PATH}/crypto-config/peerOrganizations/org2.example.com/users/Admin@org2.example.com/tls/server.key
      cert:
        path: ${CONFIG_PATH}/crypto-config/peerOrganizations/org2.example.com/users/Admin@org2.example.com/tls/server.crt

#
# [Optional]. But most apps would have this section so that channel objects can be constructed
# based on the content below. If an app is creating channels, then it likely will not need this
# section.
#
channels:

  #[Required if _default not defined; Optional if _default defined].
  # name of the channel
  mychannel:

    # list of orderers designated by the application to use for transactions on this
    # channel. This list can be a result of access control ("FBI" can only access "ordererA"), or
    # operational decisions to share loads from applications among the orderers.  The values must
    # be "names" of orgs defined under "organizations/p unable to load config backend: loading config feers"
    # deprecated: not recommended, to override any orderer configuration items, entity matchers should be used.
    #    orderers:
    #      - orderer.citizens.com

    #[Required if _default peers not defined; Optional if _default peers defined].
    # list of peers from participating orgs
    peers:
      peer1.org2.example.com:
        endorsingPeer: true
        chaincodeQuery: true
        ledgerQuery: true
        eventSource: true
      # peer0.org2.example.com:
      #   endorsingPeer: true
      #   chaincodeQuery: true
      #   ledgerQuery: true
      #   eventSource: true
#
# list of participating organizations in this network
#
organizations:
  org1:
    mspid: Org1MSP

    # This org's MSP store (absolute path or relative to client.cryptoconfig)
    cryptoPath:  peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp

    peers:
      - peer0.org1.example.com
      - peer1.org1.example.com

    # [Optional]. Certificate Authorities issue certificates for identification purposes in a Fab based
    # network. Typically certificates provisioning is done in a separate process outside of the
    # runtime network. CA is a special certificate authority that provides a REST APIs for
    # dynamic certificate management (enroll, revoke, re-enroll). The following section is only for
    # CA servers.
    # certificateAuthorities:
    #   - ca.fbi.citizens.com

  # the profile will contain public information about organizations other than the one it belongs to.
  # These are necessary information to make transaction lifecycles work, including MSP IDs and
  # peers with a public URL to send transaction proposals. The file will not contain private
  # information reserved for members of the organization, such as admin key and certificate,
  # ca registrar enroll ID and secret, etc.

  org2:
    mspid: Org2MSP

    # This org's MSP store (absolute path or relative to client.cryptoconfig)
    cryptoPath:  peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp

    peers:
      - peer0.org2.example.com
      - peer1.org2.example.com

#
# List of orderers to send transaction and channel create/update requests to. For the time
# being only one orderer is needed. If more than one is defined, which one get used by the
# SDK is implementation specific. Consult each SDK's documentation for its handling of orderers.
#
orderers:
  orderer.example.com:
    url: grpcs://localhost:7050

    # these are standard properties defined by the gRPC library
    # they will be passed in as-is to gRPC client constructor
    grpcOptions:
      ssl-target-name-override: orderer.example.com
      # These parameters should be set in coordination with the keepalive policy on the server,
      # as incompatible settings can result in closing of connection.
      # When duration of the 'keep-alive-time' is set to 0 or less the keep alive client parameters are disabled
      keep-alive-time: 0s
      keep-alive-timeout: 20s
      keep-alive-permit: false
      fail-fast: false
      # allow-insecure will be taken into consideration if address has no protocol defined, if true then grpc or else grpcs
      allow-insecure: false

    tlsCACerts:
      # Certificate location absolute path
      path: ${CONFIG_PATH}/crypto-config/ordererOrganizations/example.com/tlsca/tlsca.example.com-cert.pem

#
# List of peers to send various requests to, including endorsement, query
# and event listener registration.
#
peers:
  peer0.org1.example.com:
    # this URL is used to send endorsement and query requests
    url: grpcs://localhost:7051
    eventUrl: grpcs://localhost:7053
    grpcOptions:
      ssl-target-name-override: peer0.org1.example.com
      # These parameters should be set in coordination with the keepalive policy on the server,
      # as incompatible settings can result in closing of connection.
      # When duration of the 'keep-alive-time' is set to 0 or less the keep alive client parameters are disabled
      keep-alive-time: 0s
      keep-alive-timeout: 20s
      keep-alive-permit: false
      fail-fast: false
      # allow-insecure will be taken into consideration if address has no protocol defined, if true then grpc or else grpcs
      allow-insecure: false

    tlsCACerts:
      # Certificate location absolute path
      path: ${CONFIG_PATH}/crypto-config/peerOrganizations/org1.example.com/tlsca/tlsca.org1.example.com-cert.pem

  peer1.org1.example.com:
    # this URL is used to send endorsement and query requests
    url: grpcs://localhost:8051
    eventUrl: grpcs://localhost:8053
    grpcOptions:
      ssl-target-name-override: peer1.org1.example.com
      # These parameters should be set in coordination with the keepalive policy on the server,
      # as incompatible settings can result in closing of connection.
      # When duration of the 'keep-alive-time' is set to 0 or less the keep alive client parameters are disabled
      keep-alive-time: 0s
      keep-alive-timeout: 20s
      keep-alive-permit: false
      fail-fast: false
      # allow-insecure will be taken into consideration if address has no protocol defined, if true then grpc or else grpcs
      allow-insecure: false

    tlsCACerts:
      # Certificate location absolute path
      path: ${CONFIG_PATH}/crypto-config/peerOrganizations/org1.example.com/tlsca/tlsca.org1.example.com-cert.pem

  peer0.org2.example.com:
    # this URL is used to send endorsement and query requests
    url: grpcs://localhost:9051
    eventUrl: grpcs://localhost:9053
    grpcOptions:
      ssl-target-name-override: peer0.org2.example.com
      # These parameters should be set in coordination with the keepalive policy on the server,
      # as incompatible settings can result in closing of connection.
      # When duration of the 'keep-alive-time' is set to 0 or less the keep alive client parameters are disabled
      keep-alive-time: 0s
      keep-alive-timeout: 20s
      keep-alive-permit: false
      fail-fast: false
      # allow-insecure will be taken into consideration if address has no protocol defined, if true then grpc or else grpcs
      allow-insecure: false

    tlsCACerts:
      # Certificate location absolute path
      path: ${CONFIG_PATH}/crypto-config/peerOrganizations/org2.example.com/tlsca/tlsca.org2.example.com-cert.pem

  peer1.org2.example.com:
    # this URL is used to send endorsement and query requests
    url: grpcs://localhost:10051
    eventUrl: grpcs://localhost:10053
    grpcOptions:
      ssl-target-name-override: peer1.org2.example.com
      # These parameters should be set in coordination with the keepalive policy on the server,
      # as incompatible settings can result in closing of connection.
      # When duration of the 'keep-alive-time' is set to 0 or less the keep alive client parameters are disabled
      keep-alive-time: 0s
      keep-alive-timeout: 20s
      keep-alive-permit: false
      fail-fast: false
      # allow-insecure will be taken into consideration if address has no protocol defined, if true then grpc or else grpcs
      allow-insecure: false

    tlsCACerts:
      # Certificate location absolute path
      path: ${CONFIG_PATH}/crypto-config/peerOrganizations/org2.example.com/tlsca/tlsca.org2.example.com-cert.pem

  #
  # CA is a special kind of Certificate Authority provided by Hyperledger Fab which allows
  # certificate management to be done via REST APIs. Application may choose to use a standard
  # Certificate Authority instead of CA, in which case this section would not be specified.
  #
  # certificateAuthorities:
  #   ca.org1.example.com:
  #     url: https://ca.org1.example.com:7053
  #     tlsCACerts:
  #       # Comma-Separated list of paths
  #       path: /home/shaojie/config_v1/crypto-config/peerOrganizations/org1.example.com/tlsca/tlsca.org1.example.com-cert.pem
  #       # Client key and cert for SSL handshake with Fab CA
  #       client:
  #         key:
  #           path: /home/shaojie/config_v1/crypto-config/peerOrganizations/org1.example.com/users/User1@org1.example.com/tls/client.key
  #         cert:
  #           path: /home/shaojie/config_v1/crypto-config/peerOrganizations/org1.example.com/users/User1@org1.example.com/tls/client.crt

  #     # CA supports dynamic user enrollment via REST APIs. A "root" user, a.k.a registrar, is
  #     # needed to enroll and invoke new users.
  #     registrar:
  #       enrollId: admin
  #       enrollSecret: adminpw
  #     # [Optional] The optional name of the CA.
  #     caName: ca.org1.example.com


  # EntityMatchers enable substitution of network hostnames with static configurations
  # so that properties can be mapped. Regex can be used for this purpose
  # UrlSubstitutionExp can be empty which means the same network hostname will be used
  # UrlSubstitutionExp can be given same as mapped peer url, so that mapped peer url can be used
  # UrlSubstitutionExp can have golang regex matchers like 1.local.example.2:3 for pattern
  # like peer0.fbi.citizens.com:1234 which converts peer0.fbi.citizens.com to peer0.FBI.local.citizens.com:1234
  # sslTargetOverrideUrlSubstitutionExp follow in the same lines as
  # SubstitutionExp for the fields gprcOptions.ssl-target-name-override respectively
# In any case mappedHost's config will be used, so mapped host cannot be empty, if entityMatchers are used
#entityMatchers:
entityMatchers:
  peer:
    - pattern: (\w*)peer0.org1.example.com:(\w*)
      urlSubstitutionExp: grpcs://localhost:7051
      eventUrlSubstitutionExp: grpcs://localhost:7053
      sslTargetOverrideUrlSubstitutionExp: peer0.org1.example.com
      mappedHost: peer0.org1.example.com


    - pattern: (\w*)peer1.org1.example.com:(\w*)
      urlSubstitutionExp: grpcs://localhost:8051
      eventUrlSubstitutionExp: grpcs://localhost:8053
      sslTargetOverrideUrlSubstitutionExp: peer1.org1.example.com
      mappedHost: peer1.org1.example.com

    - pattern: (\w*)peer0.org2.example.com:(\w*)
      urlSubstitutionExp: grpcs://localhost:9051
      eventUrlSubstitutionExp: grpcs://localhost:9053
      sslTargetOverrideUrlSubstitutionExp: peer0.org2.example.com
      mappedHost: peer0.org2.example.com

    - pattern: (\w*)peer1.org2.example.com:(\w*)
      urlSubstitutionExp: grpcs://localhost:10051
      eventUrlSubstitutionExp: grpcs://localhost:10053
      sslTargetOverrideUrlSubstitutionExp: peer1.org2.example.com
      mappedHost: peer1.org2.example.com

  #  orderer:
  #    - pattern: (\w+).example.(\w+)
  #      urlSubstitutionExp: orderer.citizens.com:7050
  #      sslTargetOverrideUrlSubstitutionExp: orderer.citizens.com
  #      mappedHost: orderer.citizens.com
  #
  #    - pattern: (\w+).example2.(\w+)
  #      urlSubstitutionExp: localhost:7050
  #      sslTargetOverrideUrlSubstitutionExp: localhost
  #      mappedHost: orderer.citizens.com
  #
  #    - pattern: (\w+).example3.(\w+)
  #      urlSubstitutionExp:
  #      sslTargetOverrideUrlSubstitutionExp:
  #      mappedHost: orderer.citizens.com
  #
  #    - pattern: (\w+).example4.(\w+):(\d+)
  #      urlSubstitutionExp: 1.example.2:3
  #      sslTargetOverrideUrlSubstitutionExp: 1.example.2
  #      mappedHost: orderer.citizens.com
  #
  #  certificateAuthority:
  #    - pattern: (\w+).fbi.citizens.com.(\w+)
  #      urlSubstitutionExp:
  #      mappedHost: ca.fbi.citizens.com
  #
  #entityMatchers:
  orderer:
    - pattern: (\w*)orderer.example.com(\w*)
      urlSubstitutionExp: grpcs://localhost:7050
      sslTargetOverrideUrlSubstitutionExp: orderer.example.com
      mappedHost: orderer.example.com
feat(*): init project 2020-03-29 21:32:01 +08:00			`version: 1.0.0`

			`client:`

			`# Which organization does this application instance belong to? The value must be the name of an org`
			`# defined under "organizations"`
			`organization: org2`

			`logging:`
			`level: info`


			`# Root of the MSP directories with keys and certs.`
			`cryptoconfig:`
			`path: ${CONFIG_PATH}/crypto-config`

			`# Some SDKs support pluggable KV stores, the properties under "credentialStore"`
			`# are implementation specific`
			`credentialStore:`
			`# [Optional]. Used by user store. Not needed if all credentials are embedded in configuration`
			`# and enrollments are performed elswhere.`
			`path: "/tmp/state-store"`

			`# [Optional]. Specific to the CryptoSuite implementation used by GO SDK. Software-based implementations`
			`# requiring a key store. PKCS#11 based implementations does not.`
			`cryptoStore:`
			`# Specific to the underlying KeyValueStore that backs the crypto key store.`
			`path: /tmp/msp`

			`# BCCSP config for the client. Used by GO SDK.`
			`BCCSP:`
			`security:`
			`enabled: true`
			`default:`
			`provider: "SW"`
			`hashAlgorithm: "SHA2"`
			`softVerify: true`
			`level: 256`

			`tlsCerts:`
			`#[Optional]. Use system certificate pool when connecting to peers, orderers (for negotiating TLS) Default: false`
			`systemCertPool: true`

			`#[Optional]. Client key and cert for TLS handshake with peers and orderers`
			`client:`
			`key:`
			`path: ${CONFIG_PATH}/crypto-config/peerOrganizations/org2.example.com/users/Admin@org2.example.com/tls/server.key`
			`cert:`
			`path: ${CONFIG_PATH}/crypto-config/peerOrganizations/org2.example.com/users/Admin@org2.example.com/tls/server.crt`

			`#`
			`# [Optional]. But most apps would have this section so that channel objects can be constructed`
			`# based on the content below. If an app is creating channels, then it likely will not need this`
			`# section.`
			`#`
			`channels:`

			`#[Required if _default not defined; Optional if _default defined].`
			`# name of the channel`
			`mychannel:`

			`# list of orderers designated by the application to use for transactions on this`
			`# channel. This list can be a result of access control ("FBI" can only access "ordererA"), or`
			`# operational decisions to share loads from applications among the orderers. The values must`
			`# be "names" of orgs defined under "organizations/p unable to load config backend: loading config feers"`
			`# deprecated: not recommended, to override any orderer configuration items, entity matchers should be used.`
			`# orderers:`
			`# - orderer.citizens.com`

			`#[Required if _default peers not defined; Optional if _default peers defined].`
			`# list of peers from participating orgs`
			`peers:`
			`peer1.org2.example.com:`
			`endorsingPeer: true`
			`chaincodeQuery: true`
			`ledgerQuery: true`
			`eventSource: true`
			`# peer0.org2.example.com:`
			`# endorsingPeer: true`
			`# chaincodeQuery: true`
			`# ledgerQuery: true`
			`# eventSource: true`
			`#`
			`# list of participating organizations in this network`
			`#`
			`organizations:`
			`org1:`
			`mspid: Org1MSP`

			`# This org's MSP store (absolute path or relative to client.cryptoconfig)`
			`cryptoPath: peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp`

			`peers:`
			`- peer0.org1.example.com`
			`- peer1.org1.example.com`

			`# [Optional]. Certificate Authorities issue certificates for identification purposes in a Fab based`
			`# network. Typically certificates provisioning is done in a separate process outside of the`
			`# runtime network. CA is a special certificate authority that provides a REST APIs for`
			`# dynamic certificate management (enroll, revoke, re-enroll). The following section is only for`
			`# CA servers.`
			`# certificateAuthorities:`
			`# - ca.fbi.citizens.com`

			`# the profile will contain public information about organizations other than the one it belongs to.`
			`# These are necessary information to make transaction lifecycles work, including MSP IDs and`
			`# peers with a public URL to send transaction proposals. The file will not contain private`
			`# information reserved for members of the organization, such as admin key and certificate,`
			`# ca registrar enroll ID and secret, etc.`

			`org2:`
			`mspid: Org2MSP`

			`# This org's MSP store (absolute path or relative to client.cryptoconfig)`
			`cryptoPath: peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp`

			`peers:`
			`- peer0.org2.example.com`
			`- peer1.org2.example.com`

			`#`
			`# List of orderers to send transaction and channel create/update requests to. For the time`
			`# being only one orderer is needed. If more than one is defined, which one get used by the`
			`# SDK is implementation specific. Consult each SDK's documentation for its handling of orderers.`
			`#`
			`orderers:`
			`orderer.example.com:`
			`url: grpcs://localhost:7050`

			`# these are standard properties defined by the gRPC library`
			`# they will be passed in as-is to gRPC client constructor`
			`grpcOptions:`
			`ssl-target-name-override: orderer.example.com`
			`# These parameters should be set in coordination with the keepalive policy on the server,`
			`# as incompatible settings can result in closing of connection.`
			`# When duration of the 'keep-alive-time' is set to 0 or less the keep alive client parameters are disabled`
			`keep-alive-time: 0s`
			`keep-alive-timeout: 20s`
			`keep-alive-permit: false`
			`fail-fast: false`
			`# allow-insecure will be taken into consideration if address has no protocol defined, if true then grpc or else grpcs`
			`allow-insecure: false`

			`tlsCACerts:`
			`# Certificate location absolute path`
			`path: ${CONFIG_PATH}/crypto-config/ordererOrganizations/example.com/tlsca/tlsca.example.com-cert.pem`

			`#`
			`# List of peers to send various requests to, including endorsement, query`
			`# and event listener registration.`
			`#`
			`peers:`
			`peer0.org1.example.com:`
			`# this URL is used to send endorsement and query requests`
			`url: grpcs://localhost:7051`
			`eventUrl: grpcs://localhost:7053`
			`grpcOptions:`
			`ssl-target-name-override: peer0.org1.example.com`
			`# These parameters should be set in coordination with the keepalive policy on the server,`
			`# as incompatible settings can result in closing of connection.`
			`# When duration of the 'keep-alive-time' is set to 0 or less the keep alive client parameters are disabled`
			`keep-alive-time: 0s`
			`keep-alive-timeout: 20s`
			`keep-alive-permit: false`
			`fail-fast: false`
			`# allow-insecure will be taken into consideration if address has no protocol defined, if true then grpc or else grpcs`
			`allow-insecure: false`

			`tlsCACerts:`
			`# Certificate location absolute path`
			`path: ${CONFIG_PATH}/crypto-config/peerOrganizations/org1.example.com/tlsca/tlsca.org1.example.com-cert.pem`

			`peer1.org1.example.com:`
			`# this URL is used to send endorsement and query requests`
			`url: grpcs://localhost:8051`
			`eventUrl: grpcs://localhost:8053`
			`grpcOptions:`
			`ssl-target-name-override: peer1.org1.example.com`
			`# These parameters should be set in coordination with the keepalive policy on the server,`
			`# as incompatible settings can result in closing of connection.`
			`# When duration of the 'keep-alive-time' is set to 0 or less the keep alive client parameters are disabled`
			`keep-alive-time: 0s`
			`keep-alive-timeout: 20s`
			`keep-alive-permit: false`
			`fail-fast: false`
			`# allow-insecure will be taken into consideration if address has no protocol defined, if true then grpc or else grpcs`
			`allow-insecure: false`

			`tlsCACerts:`
			`# Certificate location absolute path`
			`path: ${CONFIG_PATH}/crypto-config/peerOrganizations/org1.example.com/tlsca/tlsca.org1.example.com-cert.pem`

			`peer0.org2.example.com:`
			`# this URL is used to send endorsement and query requests`
			`url: grpcs://localhost:9051`
			`eventUrl: grpcs://localhost:9053`
			`grpcOptions:`
			`ssl-target-name-override: peer0.org2.example.com`
			`# These parameters should be set in coordination with the keepalive policy on the server,`
			`# as incompatible settings can result in closing of connection.`
			`# When duration of the 'keep-alive-time' is set to 0 or less the keep alive client parameters are disabled`
			`keep-alive-time: 0s`
			`keep-alive-timeout: 20s`
			`keep-alive-permit: false`
			`fail-fast: false`
			`# allow-insecure will be taken into consideration if address has no protocol defined, if true then grpc or else grpcs`
			`allow-insecure: false`

			`tlsCACerts:`
			`# Certificate location absolute path`
			`path: ${CONFIG_PATH}/crypto-config/peerOrganizations/org2.example.com/tlsca/tlsca.org2.example.com-cert.pem`

			`peer1.org2.example.com:`
			`# this URL is used to send endorsement and query requests`
			`url: grpcs://localhost:10051`
			`eventUrl: grpcs://localhost:10053`
			`grpcOptions:`
			`ssl-target-name-override: peer1.org2.example.com`
			`# These parameters should be set in coordination with the keepalive policy on the server,`
			`# as incompatible settings can result in closing of connection.`
			`# When duration of the 'keep-alive-time' is set to 0 or less the keep alive client parameters are disabled`
			`keep-alive-time: 0s`
			`keep-alive-timeout: 20s`
			`keep-alive-permit: false`
			`fail-fast: false`
			`# allow-insecure will be taken into consideration if address has no protocol defined, if true then grpc or else grpcs`
			`allow-insecure: false`

			`tlsCACerts:`
			`# Certificate location absolute path`
			`path: ${CONFIG_PATH}/crypto-config/peerOrganizations/org2.example.com/tlsca/tlsca.org2.example.com-cert.pem`

			`#`
			`# CA is a special kind of Certificate Authority provided by Hyperledger Fab which allows`
			`# certificate management to be done via REST APIs. Application may choose to use a standard`
			`# Certificate Authority instead of CA, in which case this section would not be specified.`
			`#`
			`# certificateAuthorities:`
			`# ca.org1.example.com:`
			`# url: https://ca.org1.example.com:7053`
			`# tlsCACerts:`
			`# # Comma-Separated list of paths`
			`# path: /home/shaojie/config_v1/crypto-config/peerOrganizations/org1.example.com/tlsca/tlsca.org1.example.com-cert.pem`
			`# # Client key and cert for SSL handshake with Fab CA`
			`# client:`
			`# key:`
			`# path: /home/shaojie/config_v1/crypto-config/peerOrganizations/org1.example.com/users/User1@org1.example.com/tls/client.key`
			`# cert:`
			`# path: /home/shaojie/config_v1/crypto-config/peerOrganizations/org1.example.com/users/User1@org1.example.com/tls/client.crt`

			`# # CA supports dynamic user enrollment via REST APIs. A "root" user, a.k.a registrar, is`
			`# # needed to enroll and invoke new users.`
			`# registrar:`
			`# enrollId: admin`
			`# enrollSecret: adminpw`
			`# # [Optional] The optional name of the CA.`
			`# caName: ca.org1.example.com`


			`# EntityMatchers enable substitution of network hostnames with static configurations`
			`# so that properties can be mapped. Regex can be used for this purpose`
			`# UrlSubstitutionExp can be empty which means the same network hostname will be used`
			`# UrlSubstitutionExp can be given same as mapped peer url, so that mapped peer url can be used`
			`# UrlSubstitutionExp can have golang regex matchers like 1.local.example.2:3 for pattern`
			`# like peer0.fbi.citizens.com:1234 which converts peer0.fbi.citizens.com to peer0.FBI.local.citizens.com:1234`
			`# sslTargetOverrideUrlSubstitutionExp follow in the same lines as`
			`# SubstitutionExp for the fields gprcOptions.ssl-target-name-override respectively`
			`# In any case mappedHost's config will be used, so mapped host cannot be empty, if entityMatchers are used`
			`#entityMatchers:`
			`entityMatchers:`
			`peer:`
			`- pattern: (\w)peer0.org1.example.com:(\w)`
			`urlSubstitutionExp: grpcs://localhost:7051`
			`eventUrlSubstitutionExp: grpcs://localhost:7053`
			`sslTargetOverrideUrlSubstitutionExp: peer0.org1.example.com`
			`mappedHost: peer0.org1.example.com`


			`- pattern: (\w)peer1.org1.example.com:(\w)`
			`urlSubstitutionExp: grpcs://localhost:8051`
			`eventUrlSubstitutionExp: grpcs://localhost:8053`
			`sslTargetOverrideUrlSubstitutionExp: peer1.org1.example.com`
			`mappedHost: peer1.org1.example.com`

			`- pattern: (\w)peer0.org2.example.com:(\w)`
			`urlSubstitutionExp: grpcs://localhost:9051`
			`eventUrlSubstitutionExp: grpcs://localhost:9053`
			`sslTargetOverrideUrlSubstitutionExp: peer0.org2.example.com`
			`mappedHost: peer0.org2.example.com`

			`- pattern: (\w)peer1.org2.example.com:(\w)`
			`urlSubstitutionExp: grpcs://localhost:10051`
			`eventUrlSubstitutionExp: grpcs://localhost:10053`
			`sslTargetOverrideUrlSubstitutionExp: peer1.org2.example.com`
			`mappedHost: peer1.org2.example.com`

			`# orderer:`
			`# - pattern: (\w+).example.(\w+)`
			`# urlSubstitutionExp: orderer.citizens.com:7050`
			`# sslTargetOverrideUrlSubstitutionExp: orderer.citizens.com`
			`# mappedHost: orderer.citizens.com`
			`#`
			`# - pattern: (\w+).example2.(\w+)`
			`# urlSubstitutionExp: localhost:7050`
			`# sslTargetOverrideUrlSubstitutionExp: localhost`
			`# mappedHost: orderer.citizens.com`
			`#`
			`# - pattern: (\w+).example3.(\w+)`
			`# urlSubstitutionExp:`
			`# sslTargetOverrideUrlSubstitutionExp:`
			`# mappedHost: orderer.citizens.com`
			`#`
			`# - pattern: (\w+).example4.(\w+):(\d+)`
			`# urlSubstitutionExp: 1.example.2:3`
			`# sslTargetOverrideUrlSubstitutionExp: 1.example.2`
			`# mappedHost: orderer.citizens.com`
			`#`
			`# certificateAuthority:`
			`# - pattern: (\w+).fbi.citizens.com.(\w+)`
			`# urlSubstitutionExp:`
			`# mappedHost: ca.fbi.citizens.com`
			`#`
			`#entityMatchers:`
			`orderer:`
			`- pattern: (\w)orderer.example.com(\w)`
			`urlSubstitutionExp: grpcs://localhost:7050`
			`sslTargetOverrideUrlSubstitutionExp: orderer.example.com`
			`mappedHost: orderer.example.com`