Method for issuing identity certificate to blockchain node and related apparatus

What is claimed is: 1. A method for issuing an identity certificate to a blockchain node in a blockchain network, the blockchain node in the blockchain network comprising: a first terminal; a second terminal; a third terminal; and a certificate authority system comprising a first-tier certificate authority node, a second-tier certificate authority node, and a third-tier certificate authority node; wherein the method, performed by the certificate authority system, comprises: issuing a first identity certificate to the first terminal through the first-tier certificate authority node; receiving a second identity certificate issuance request that is from the first terminal and that is made by using the first identity certificate, wherein the second identity certificate issuance request is generated in response to a registration request transmitted by the second terminal to the first terminal; issuing a second identity certificate to the first terminal through the second-tier certificate authority node, wherein the first terminal forwards the second identity certificate to the second terminal; receiving a third identity certificate issuance request that is from the second terminal and that is made by using the second identity certificate, the third identity certificate issuance request being generated in response to a registration request transmitted by the third terminal to the second terminal having the second identity certificate; and issuing a third identity certificate to the second terminal through the third-tier certificate authority node, wherein the second terminal forwards the third identity certificate to the third terminal. 2. The method according to claim 1 , wherein the certificate authority system further comprises a root certificate authority node, and before the issuing the first identity certificate, the method further comprises: generating the root certificate authority node; generating a root certificate through the root certificate authority node; and generating the first-tier certificate authority node, the second-tier certificate authority node, and the third-tier certificate authority node based on the root certificate. 3. The method according to claim 1 , wherein the third-tier certificate authority node comprises a certificate authority node of a service node unit, a certificate authority node of a non-service node unit, and a personal certificate authority node, wherein the third terminal comprises a service node unit terminal, a non-service node unit terminal, and a personal terminal, further wherein the grassroots unit identity certificate comprises a service node unit identity certificate, a non-service node unit identity certificate, and a personal identity certificate, and the blockchain node further comprises a proxy node; and wherein the issuing the third identity certificate further comprises: issuing, when the third identity certificate issuance request is for a service node unit, the service node unit identity certificate to the second terminal, so that the second terminal forwards the service node unit identity certificate to the service node unit terminal, the service node unit identity certificate being used for communication of chained information between the service node and the proxy node; issuing, when the third identity certificate issuance request is for a non-service node unit, the non-service node unit identity certificate to the second terminal, so that the second terminal forwards the non-service node unit identity certificate to the non-service node unit terminal, the non-service node unit identity certificate being used for transfer of basic information of the chained information between the non-service node unit terminal and the service node unit terminal; and issuing, when the third identity certificate issuance request is for an individual, the personal identity certificate to the second terminal, so that the second terminal forwards the personal identity certificate to the personal terminal, the personal identity certificate being used for transfer of the basic information of the chained information between the personal terminal and the service node unit terminal. 4. The method according to claim 3 , further comprising: issuing a proxy node initiation identity certificate to the proxy node through the first-tier certificate authority node; receiving a proxy node communication identity certificate issuance request that is from the proxy node and that is made by using the proxy node initiation identity certificate; and issuing a proxy node communication identity certificate to the proxy node through the second-tier certificate authority node, the proxy node communication identity certificate being used for communicating with the service node. 5. The method according to claim 1 , wherein after the issuing the first identity certificate further comprises: receiving a third identity certificate issuance request that is from the first terminal and that is made by using the first identity certificate, the third identity certificate issuance request being generated in response to a registration request transmitted by the third terminal to the first terminal through the second terminal; and issuing a third identity certificate to the first terminal through the third-tier certificate authority node, so that the first terminal forwards the third identity certificate through the second terminal to the third terminal. 6. The method according to claim 1 , wherein the issuing the first identity certificate through the first-tier certificate authority node further comprises: generating a public key and a private key of the first terminal by using the first-tier certificate authority node; generating the first identity certificate for the first terminal, the first identity certificate comprising the public key of the first terminal; and transmitting the first identity certificate and the private key of the first terminal to the first terminal; and the receiving a second identity certificate issuance request that is from the first terminal and that is made by using the first identity certificate further comprises: receiving the first identity certificate from the first terminal; receiving the second identity certificate issuance request from the first terminal, the second identity certificate issuance request comprising registration information of the local taxation bureau and a signature signed to the registration information of the local taxation bureau by using the private key of the state taxation administration; and performing, by using the public key of the state taxation administration in the first identity certificate, a verification on the signature in the second identity certificate issuance request. 7. The method according to claim 1 , wherein the issuing a second identity certificate to the first terminal through the second-tier certificate authority node further comprises: performing authentication on the registration information by using the second-tier certificate authority node; generating a public key and a private key of the second terminal for the second terminal when the authentication succeeds; generating the second identity certificate for the second terminal, the second identity certificate comprising the public key of the second terminal; and transmitting the second identity certificate and the private key of the second terminal to the first terminal, so that the first terminal forwards the second identity certificate and the private key of the second terminal to the second terminal, the second identity certificate and the private key of the second terminal being used for communication between the second terminal and another blockchain node in the blockchain network.