Verify configuration

Check that all the environment variables are set properly:

env | sort

You should see output like:

AWS_DEFAULT_REGION=us-east-1
BUCKET_NAME=n-d5jk2e3npjan7gvigtb5uxoqe4-certs
CASERVICEENDPOINT=ca.m-tftwizjugve3jk2d2mmaonzice.n-d5jk2e3npjan7gvigtb5uxoqe4.managedblockchain.us-east-1.amazonaws.com:30002
GOPATH=/home/ec2-user/go
GOROOT=/usr/local/go
HISTCONTROL=ignoredups
HISTSIZE=1000
HOME=/home/ec2-user
HOSTNAME=ip-XXX-XX-XX-XXX.ec2.internal
LANG=en_US.UTF-8
LESSOPEN=||/usr/bin/lesspipe.sh %s
line=export TEST_CHANNEL_NAME=$(echo $MEMBER_NAME | tr '[:upper:]' '[:lower:]')channel
LOGNAME=ec2-user
LS_COLORS=... # suppressed for brevity's sake
MAIL=/var/spool/mail/ec2-user
MEMBER_ADMIN=rtadmin
MEMBER_AWS_ID=123456789012
MEMBERID=m-TFTWIZJUGVE3JK2D2MMAONZICE
MEMBER_NAME=Retailer
NETWORKID=n-D5JK2E3NPJAN7GVIGTB5UXOQE4
ORDERERNOPORT=orderer.n-d5jk2e3npjan7gvigtb5uxoqe4.managedblockchain.us-east-1.amazonaws.com
ORDERER=orderer.n-d5jk2e3npjan7gvigtb5uxoqe4.managedblockchain.us-east-1.amazonaws.com:30001
PATH=/usr/local/go/bin:/usr/local/go/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/home/ec2-user/.local/bin:/home/ec2-user/bin:/home/ec2-user/go/src/github.com/hyperledger/fabric-ca/bin:/home/ec2-user/.local/bin:/home/ec2-user/bin:/home/ec2-user/go/src/github.com/hyperledger/fabric-ca/bin
PEER1ENDPOINT=nd-ant7m5xpwreb7pxbkkgokxly4y.m-tftwizjugve3jk2d2mmaonzice.n-d5jk2e3npjan7gvigtb5uxoqe4.managedblockchain.us-east-1.amazonaws.com:30008
PEER1ENDPOINTNOPORT=nd-ant7m5xpwreb7pxbkkgokxly4y.m-tftwizjugve3jk2d2mmaonzice.n-d5jk2e3npjan7gvigtb5uxoqe4.managedblockchain.us-east-1.amazonaws.com
PEER1ID=nd-ANT7M5XPWREB7PXBKKGOKXLY4Y
PEER2ENDPOINT=nd-vjsxnxx7wbb27d4mcf27wpkswa.m-tftwizjugve3jk2d2mmaonzice.n-d5jk2e3npjan7gvigtb5uxoqe4.managedblockchain.us-east-1.amazonaws.com:30010
PEER2ENDPOINTNOPORT=nd-vjsxnxx7wbb27d4mcf27wpkswa.m-tftwizjugve3jk2d2mmaonzice.n-d5jk2e3npjan7gvigtb5uxoqe4.managedblockchain.us-east-1.amazonaws.com
PEER2ID=nd-VJSXNXX7WBB27D4MCF27WPKSWA
PWD=/home/ec2-user
RETAILER_AWS_ID=123456789012
RETAILERID=m-TFTWIZJUGVE3JK2D2MMAONZICE
SHELL=/bin/bash
SHLVL=1
SSH_CLIENT=XXX.XX.XX.XX 37878 22
SSH_CONNECTION=XXX.XX.XX.XX 37878 XXX.XX.XX.XXX 22
SSH_TTY=/dev/pts/0
SUPPLIER_AWS_ID=123456789013
SUPPLIERID=m-IKIKOKXHWRE4PHEAI5OUR6M2KU
TERM=screen
TEST_CHANNEL_NAME=retailerchannel
USER=ec2-user
_=/usr/bin/env
XDG_RUNTIME_DIR=/run/user/1000
XDG_SESSION_ID=269

Specifically, make sure that you have values for CASERVICEENDPOINT, MEMBER_NAME, NETWORKID, MEMBERID, PEER1ID, PEER2ID, PEER1ENDPOINT, and PEER2ENDPOINT.

Use curl to verify that the CA endpoint resolves.

curl "https://$CASERVICEENDPOINT/cainfo" -k -s | jq

If the curl attempt succeeded, you should see something like:

{
  "result": {
    "CAName": "m-VYIRKUGRTRENFFMS6A65UFTFI4",
    "CAChain": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNzakNDQWxtZ0F3SUJBZ0lVR0swV0M1QlIySm41N2hwazBhRjJMR1BRYjNVd0NnWUlLb1pJemowRUF3SXcKZ2JVeEN6QUpCZ05WQkFZVEFsVlRNUk13RVFZRFZRUUlFd3BYWVhOb2FXNW5kRzl1TVJBd0RnWURWUVFIRXdkVApaV0YwZEd4bE1TSXdJQVlEVlFRS0V4bEJiV0Y2YjI0Z1YyVmlJRk5sY25acFkyVnpMQ0JKYm1NdU1TSXdJQVlEClZRUUxFeGxCYldGNmIyNGdUV0Z1WVdkbFpDQkNiRzlqYTJOb1lXbHVNVGN3TlFZRFZRUURFeTVOWVc1MVptRmoKZEhWeVpYSWdRVzFoZW05dUlFMWhibUZuWldRZ1FteHZZMnRqYUdGcGJpQlNiMjkwSUVOQk1CNFhEVEl3TURVegpNVEExTURNd01Gb1hEVE0xTURVeU9EQTFNRE13TUZvd2diVXhDekFKQmdOVkJBWVRBbFZUTVJNd0VRWURWUVFJCkV3cFhZWE5vYVc1bmRHOXVNUkF3RGdZRFZRUUhFd2RUWldGMGRHeGxNU0l3SUFZRFZRUUtFeGxCYldGNmIyNGcKVjJWaUlGTmxjblpwWTJWekxDQkpibU11TVNJd0lBWURWUVFMRXhsQmJXRjZiMjRnVFdGdVlXZGxaQ0JDYkc5agphMk5vWVdsdU1UY3dOUVlEVlFRREV5NU5ZVzUxWm1GamRIVnlaWElnUVcxaGVtOXVJRTFoYm1GblpXUWdRbXh2ClkydGphR0ZwYmlCU2IyOTBJRU5CTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemowREFRY0RRZ0FFcHdvaTlvaHAKOVRVNE90N0RXVmRwTWZ6cjM0U2Zqb1lyRENpS0tZWlkrYktjY0plMnJ5N0VlNDhHUks3dWo1ZWdCVWNtMkUzUwo2NU5FL1Z6L3FnZ2J6Nk5GTUVNd0RnWURWUjBQQVFIL0JBUURBZ0VHTUJJR0ExVWRFd0VCL3dRSU1BWUJBZjhDCkFRRXdIUVlEVlIwT0JCWUVGQ3hZUXhlc0dvVTNuM09xUnRvZmJsVHRSRUZlTUFvR0NDcUdTTTQ5QkFNQ0EwY0EKTUVRQ0lCZG42NmdwSXVwZVl5cHU1bjFRVzhoLzJyd3VSZmk0Z3U0VGJNWXNPbmE5QWlBTE9Cckd3Q215L2FKYQpnWXNIWjlzdkJQMmJDcEpYZ2lzUHB2VFVlQ2kybkE9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==",
    "Version": "1.4.7"
  },
  "errors": [],
  "messages": [],
  "success": true
}

If the connection fails, you will not see any output. It takes a few minutes after creating the VPC endpoint before it becomes fully operational. If the initial attempt fails, keep trying for a few minutes before troubleshooting further. If you are unable to connect to the Fabric CA, double-check your network settings to ensure that the client Amazon EC2 instance has connectivity with the VPC Endpoint. In particular, ensure that the security groups associated with both the VPC Endpoint and the client Amazon EC2 instance have inbound and outbound rules that allow traffic between them.