> For the complete documentation index, see [llms.txt](https://docs.catalyx.solutions/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.catalyx.solutions/catalyx-blockchain-manager/hyperledger-fabric/version-2.4/network-and-node-management/security.md). # Security ## Authentication and Authorization Catalyst Blockchain Platform provides the following methods for user authentication and authorization: * **Basic authentication** — Requires user credentials specified during the installation of the Platform. * **OpenID** — User login can be integrated with the OpenID protocol, which allows a third-party service to authenticate a user. This removes central dependency on storing credentials in a single place and enhances platform security. {% hint style="info" %} It is the user's choice to select either OpenID or basic authentication. See [Installation Instructions](broken://pages/d4dffb22870a052ecbe2ab9c90e0e424deb48794) for details. {% endhint %} ## Certificate Management In Hyperledger Fabric, two entities are responsible for identity management: * **Certificate Authority (CA)** — Issues certificates to other entities on the network. The CA issues X.509 certificates, the most popular standard for SSL/TLS connections, securing the network from malicious impersonators. See the [Certificate Authority](file:///7571772/network-and-node-management/certificate-authority.md) section for more information. * **Membership Service Provider (MSP)** — Authenticates the CA or the certificates issued by the CA for a particular network, defining the role and responsibilities of entities based on their certificates. See the [MSP section](file:///7571772/network-and-node-management/msp-and-partners.md) for more information. Hyperledger Fabric uses TLS to establish secure communication between two entities based on the public key infrastructure. ## Key Management Public and private keys are major components of a Public Key Infrastructure (PKI). Effective management of these keys makes the blockchain network highly secure. In the Hyperledger Fabric network, a certificate issued by a CA defines the identity of the entity. The public key identifies the entity on the network, while the private key authenticates transactions. Generated keys use ECDSA with Curve P256 standards. {% hint style="warning" %} Catalyst Blockchain Platform generates private keys and keeps them in storage (Kubernetes Secret or Hashicorp Vault). Private keys **cannot be imported or exported**. {% endhint %} --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.catalyx.solutions/catalyx-blockchain-manager/hyperledger-fabric/version-2.4/network-and-node-management/security.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.