Fix cert renewal 1181 #1407

Open
SurbhiAgarwal1 wants to merge 1 commit into hyperledger:main from SurbhiAgarwal1:fix-cert-renewal-1181
@SurbhiAgarwal1 SurbhiAgarwal1 commented Apr 19, 2026

PR Description (#1181)

Title

fix: resolve "malformed serial number" error during certificate renewal (#1181)

Summary

This Pull Request resolves the "malformed serial number" certificate issue encountered during renewal in the test-network. By ensuring that all existing MSP and TLS artifacts are cleared before re-enrollment, we prevent fabric-ca-client from attempting to use stale or mismatched local credentials for authentication.

Problem Description

User reports and local testing confirmed that certificate renewal via fabric-ca-client often fails if existing certificates are present in the local filesystem. The error Error: malformed serial number occurs during the TLS handshake or certificate parsing when the client tries to load existing artifacts that may no longer be valid or compatible with the current CA state.

Implementation Details

  1. New Script: renewCerts.sh:
    • Created a dedicated script to orchestrate the renewal process.
    • For each organization (Org1, Org2, and Orderer), it identifies the msp and tls directories.
    • It removes these directories immediately before calling the enrollment functions, forcing a "clean" enrollment.
  2. network.sh Integration:
    • Added a new renew mode.
    • Simplified the user experience to a single command: ./network.sh renew.
  3. Error Handling:
    • Updated registerEnroll.sh logic to gracefully handle cases where identities are already registered on the CA (Error Code 74), allowing the script to proceed to the crucial enrollment/renewal phase.

Verification Steps

  1. Bring up the network: ./network.sh up -ca -c mychannel
  2. Run renewal: ./network.sh renew
  3. Verify that new certificates are generated in organizations/peerOrganizations/...
  4. Confirm network nodes can still communicate (e.g., by running a chaincode transaction or checking channel status).

Fixes - (Error: Failed to get client TLS config: Error parsing certificate: x509: malformed serial number #1181)

@SurbhiAgarwal1 SurbhiAgarwal1 requested a review from a team as a code owner April 19, 2026 10:39
@SurbhiAgarwal1 SurbhiAgarwal1 force-pushed the fix-cert-renewal-1181 branch from 70899ca to f506fa8 Compare April 19, 2026 10:42
…er#1181

Signed-off-by: SurbhiAgarwal1 <agarwalsurbhi1807@gmail.com>
@SurbhiAgarwal1 SurbhiAgarwal1 force-pushed the fix-cert-renewal-1181 branch from f506fa8 to c5f953b Compare April 19, 2026 10:43
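
Added example, not part of this pull request or of the project's scripts: a sketch of the "clear msp and tls before re-enrollment" step from the description above. It moves the directories into a backup location instead of deleting them, so the previous keys can be restored if re-enrollment fails. The function name, its arguments and the backup layout are assumptions.

```shell
#!/bin/sh
# clear_enrollment_artifacts ORG_ROOT BACKUP_ROOT   (hypothetical helper)
# Moves every msp/ and tls/ directory under ORG_ROOT into BACKUP_ROOT,
# keeping the relative layout, and prints how many directories were moved.
# Assumes paths contain no newlines, as in the test-network layout.
clear_enrollment_artifacts() {
  local org_root backup_root list dir rel moved
  org_root="${1:-}"
  backup_root="${2:-}"
  # Refuse empty arguments so an unset variable can never widen the target.
  [ -n "$org_root" ] && [ -n "$backup_root" ] || { echo "usage error" >&2; return 2; }
  # Refuse a missing or symlinked root: the tree must be the real directory.
  [ -d "$org_root" ] && [ ! -L "$org_root" ] || { echo "bad org root" >&2; return 2; }

  org_root="$(cd "$org_root" && pwd -P)" || return 2
  mkdir -p "$backup_root" && chmod 700 "$backup_root" || return 2
  backup_root="$(cd "$backup_root" && pwd -P)" || return 2
  # The backup holds private keys and must live outside the tree being cleaned.
  case "$backup_root/" in
    "$org_root"/*) echo "backup inside org root" >&2; return 2 ;;
  esac

  list="$(mktemp)" || return 1
  # -type d ignores symlinks named msp/tls; -prune avoids descending into a
  # directory that is about to be moved.
  find "$org_root" -type d \( -name msp -o -name tls \) -prune -print > "$list"

  moved=0
  while IFS= read -r dir; do
    [ "$dir" != "$org_root" ] || continue
    rel="${dir#"$org_root"/}"
    mkdir -p "$backup_root/$(dirname "$rel")" || { rm -f "$list"; return 1; }
    mv -- "$dir" "$backup_root/$rel" || { rm -f "$list"; return 1; }
    moved=$((moved + 1))
  done < "$list"
  rm -f "$list"
  echo "$moved"
}
```

Files outside msp/ and tls/, such as client configuration, are left in place; the backup directory should be removed once the renewed certificates have been verified.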