Register the intermediate CA bootstrap identity with the organization (root) CA 403 Forbidden
GitHeP opened this issue · 0 comments
GitHeP commented
```bash
./fabric-ca-client register -d -u https://org1rootcaadmin:org1rootcaadminpw@rootca.org1.example.com:7055 --id.name org1intermediatecaadmin --id.secret org1intermediatecaadminpw --id.attrs '"hf.Registrar.Roles=user,admin","hf.Revoker=true","hf.IntermediateCA=true"' --tls.certfiles /usr/project/fabric-ca/org1-ca/tls-ca/ca-cert.pem --mspdir /usr/project/fabric-ca/org1-ca/org1-root-ca/org1rootcaadmin/msp
```
Log content:

```
2022/03/09 03:07:34 [INFO] 192.168.0.105:48152 POST /register 403 76 "Registration of 'org1intermediatecaadmin' failed"
2022/03/09 03:07:55 [DEBUG] Cleaning up expired nonces for CA 'org1-root-ca'
2022/03/09 03:09:27 [DEBUG] Received request for /register
2022/03/09 03:09:27 [DEBUG] Caller is using a x509 certificate
2022/03/09 03:09:27 [DEBUG] Certicate Dates: NotAfter = 2023-03-09 07:49:00 +0000 UTC NotBefore = 2022-03-09 07:41:00 +0000 UTC
2022/03/09 03:09:27 [INFO] 192.168.0.105:48154 POST /register 401 26 "Untrusted certificate: Failed to verify certificate: x509: certificate signed by unknown authority (possibly because of "x509: ECDSA verification failure" while trying to verify candidate authority certificate "fabric-ca-server")"
2022/03/09 03:09:45 [DEBUG] Received request for /register
2022/03/09 03:09:45 [DEBUG] Caller is using a x509 certificate
2022/03/09 03:09:45 [DEBUG] Certicate Dates: NotAfter = 2023-03-09 07:53:00 +0000 UTC NotBefore = 2022-03-09 07:47:00 +0000 UTC
2022/03/09 03:09:45 [DEBUG] Checking for revocation/expiration of certificate owned by 'org1rootcaadmin'
2022/03/09 03:09:45 [DEBUG] DB: Get certificate by serial (533f2c5a6619663debbad716a74be3cb577f1875) and aki (db3b6bd4a8420c090d3715e69803b5861391d2e7)
2022/03/09 03:09:45 [DEBUG] DB: Getting identity org1rootcaadmin
2022/03/09 03:09:45 [DEBUG] Successful token authentication of 'org1rootcaadmin'
2022/03/09 03:09:45 [DEBUG] Received registration request from org1rootcaadmin: { Name:org1intermediatecaadmin Type:client Secret:**** MaxEnrollments:0 Affiliation: Attributes:[{hf.Registrar.Roles user,admin false} {hf.Revoker true false} {hf.IntermediateCA true false}] CAName: }
2022/03/09 03:09:45 [DEBUG] No affiliation provided in registration request, will default to using registrar's affiliation of ''
2022/03/09 03:09:45 [DEBUG] canRegister - Check to see if user 'org1rootcaadmin' can register
2022/03/09 03:09:45 [DEBUG] Checking to see if caller 'org1rootcaadmin' can act on type 'client'
2022/03/09 03:09:45 [DEBUG] Checking to see if caller 'org1rootcaadmin' is a registrar
2022/03/09 03:09:45 [DEBUG] Registrar is not allowed to register user 'org1intermediatecaadmin': Failed to verify if user can act on type: 'org1rootcaadmin' is not a registrar
2022/03/09 03:09:45 [INFO] 192.168.0.105:48156 POST /register 403 76 "Registration of 'org1intermediatecaadmin' failed"
```
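
The following is an added example, not part of the original issue and not Fabric CA project code: a Python script that groups fabric-ca-server debug-log lines like those above by request and reports, for each failed call, the authenticated caller and the most specific denial reason. It assumes requests are logged sequentially (no interleaving); the sample input is constructed from lines in the post, and `triage` is a hypothetical helper name.

```python
import re

# Constructed sample: a subset of the log lines from the issue (401 message shortened).
SAMPLE_LOG = """\
2022/03/09 03:09:27 [DEBUG] Received request for /register
2022/03/09 03:09:27 [DEBUG] Caller is using a x509 certificate
2022/03/09 03:09:27 [INFO] 192.168.0.105:48154 POST /register 401 26 "Untrusted certificate: Failed to verify certificate: x509: certificate signed by unknown authority"
2022/03/09 03:09:45 [DEBUG] Received request for /register
2022/03/09 03:09:45 [DEBUG] Successful token authentication of 'org1rootcaadmin'
2022/03/09 03:09:45 [DEBUG] Registrar is not allowed to register user 'org1intermediatecaadmin': Failed to verify if user can act on type: 'org1rootcaadmin' is not a registrar
2022/03/09 03:09:45 [INFO] 192.168.0.105:48156 POST /register 403 76 "Registration of 'org1intermediatecaadmin' failed"
"""

LINE = re.compile(r"^(\S+ \S+) \[(\w+)\] (.*)$")             # timestamp, level, message
ACCESS = re.compile(r'^(\S+) (\w+) (\S+) (\d{3}) \d+ "(.*)"$')  # peer method path status size "msg"
AUTHED = re.compile(r"Successful token authentication of '([^']+)'")

def triage(log_text):
    """Return one dict per failed (status >= 400) request with caller and cause."""
    failures, caller, denial = [], None, None
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        ts, level, msg = m.groups()
        if level == "DEBUG":
            if msg.startswith("Received request for"):
                caller, denial = None, None   # a new request starts: reset context
            elif (a := AUTHED.search(msg)):
                caller = a.group(1)           # token check passed for this identity
            elif "not allowed" in msg or "Failed to" in msg:
                denial = msg                  # DEBUG reason is more specific than the summary
            continue
        acc = ACCESS.match(msg)
        if acc and int(acc.group(4)) >= 400:
            peer, _method, path, status, summary = acc.groups()
            failures.append({"time": ts, "peer": peer, "path": path,
                             "status": int(status), "caller": caller,
                             "cause": denial or summary})
    return failures

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f["time"], f["status"], f["caller"] or "<unauthenticated>", "->", f["cause"])
```

On the sample, the 401 is reported with no authenticated caller (the client certificate was rejected), while the 403 is tied to `org1rootcaadmin`, which authenticated successfully but failed the registrar check.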