Skip to content

Instantly share code, notes, and snippets.

@MidLevel-Bot

MidLevel-Bot/quickstart.md Secret

Created October 30, 2020 22:14
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save MidLevel-Bot/04c40a257cb58af97c65f54b57bbe0aa to your computer and use it in GitHub Desktop.
Save MidLevel-Bot/04c40a257cb58af97c65f54b57bbe0aa to your computer and use it in GitHub Desktop.
Download ZIP
http://cert.midlevel.io/ Generated on 30/10/2020 22:14:32 by ::ffff:18.215.33.158
Raw
quickstart.md

ONLY USE SELF SIGNED CERTIFICATES INTERNALLY OR FOR TESTING. USE A SERVICE LIKE LETSENCRYPT FOR REAL CERTIFICATES. THIS PROGRAM WILL GENERATE A CERTIFICATE AUTHORITY KEY PAIR AND A CERTIFICATE SIGNED BY THAT AUTHORITY. CERTIFICATES ARE ONLY VALID FOR 30 DAYS. AFTER THAT TIME YOU NEED A NEW ISSUER AND CERTIFICATE.

Quickstart Instructions (Basic Usage)

Server Instructions

ONLY DO THIS STEP ON THE SERVER. IT SHOULD NOT BE DONE ON CLIENTS. THIS STRING CONTAINS A BASE64 ENCODED PFX FILE, WHICH IS A COMBINATION OF THE CERTIFICATE AND THE PRIVATE KEY FOR THE CERTIFICATE WHICH IS USED TO SIGN KEY EXCHANGES.

In the NetworkingManager.NetworkConfig ServerBase64PfxCertificate text field. Enter the following:

MIIJaQIBAzCCCS8GCSqGSIb3DQEHAaCCCSAEggkcMIIJGDCCA88GCSqGSIb3DQEHBqCCA8AwggO8AgEAMIIDtQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIdJ461TB5l7MCAggAgIIDiOW9JRi/36JSNlal2e+2EOkRLOvkrqWFuMEZSIBRoriMo0HQDuGbm3x/J6vJ1tq4YSskz6FvAz397HPGZTAUGgp5NxCkG5eBu3gH28h3nFgb3z1NJvWfkU3+zod5ZL2uoS3g744vabmEspppAVZ/y34sj69phK1Zgl33j5FWwBcRLgRBT59nvZZpWO4efO8m9hRyES/1EgCs4lj8kho1Gqm5+p5Nkt2hEdcIyB6u2nijdReipCI4stm0tvfQ0azEJOqr4hL7B43t/hEj1osWtfYo/tfSLefCOr2UorC1jzDIEqD/1bNWJEDpQF8OGkxQX4uOTz+roKSi/JeAQ8crV+rgW3Iipc4g9n8gqbOkzhUCEZfcPh8mNjow9cZ9x/TV3QbT6anOOIJUZp87mQ+i67E7wI7SDZxlSKd3DGmGstBkMEmV19iLCcUu7rN0gCyYR65bo1wGNzqALrqx2/AYqEAWydNmXymTT+hcOI6P9f4NywLN4n/SmtlBP4XvchZPpQQWGYq6w7AuG0wInY4FzuS3bdqvb9FaLxLOhBPb037ix9s3KKen0ajIvmOtgVfVUIss9PUVyFVc5SGwtfG6NsqUoWCaK7XeqtcE7g4QA7Kd6coHzlFk9EBpy0tJudvLE8ugsbNn9rsUqt/qCsJVVRnAVI8gtWFix1zAWgpg+zDyxch3YzTjbksU/gZKojGZvckf8MFJ56DWTzRYWRB1Xs5nsx9O3h7FcUvYH1GPM2H9UPz3cbdVHF0wiC/e1xlYhLeUWIf/W+x1IeT1vF6lq1vkNpZEmuxYKLB9jgDw9WCOpPGkrknltdhGl0ciVERcf8awBTE6+8OqLB689kdCG7ezqiTWxqik178C66HPUkaGa41R8Zu5duKZOUL/97FReJGItYhQ+MAlRSiiV6BEEoSQ6x59pX0Ktu7xQDRaAVTicY+YNQ13QbqaGpdx5Rp6qWHeZHygSKKmRwQCn2HuEwVSoWKMOZxYsMqTA1EhyfZn3W05skueu9hGY8P80RLarVpxX4Hj4p/cO8btxxAayrZsZWGMYfMa5aCFb343fncCQ5J3PRfsOJMNF4QLjrLd/Fc2vvWFbVKDOeiaCo/q0Nk3hdsBvk8n3EyTDkOOHTjmTxllkX2MII6H4Bv0rOEOR57FQBO/ADqyJ63dYM7zfBa9R8iYcC24TPVsxrqWZJ3yMU42DEbbk90wggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQIdufN4HWsQw8CAggABIIEyGrGUH/GorJQId66+gmK2fHpVf11cuAx6qeggtowaZh7cMb2xp+V2m11L5rM1McjweSLnEkC3jz/mT8q3lLSNPyXyYr6haN9fciBE/xJiZnKj/xuvrqCxqkf2re5zH4p3zTo0jFSqfS0IUZRjlfu3N2MV5RmZaKtRbeYk8bNmuajL9dqci1WsTPxVTqTJip1DTK//fCGyPk4QhsF2pYmBr7cwkFxQvm9kqMscGY2jsJ4M8u2H1gFK6djcB4ARsnW0QbwRlSrglf4av0wgjAjRFr8AaKvdC+Heiry1Bt284VKvAekHObaXgULLoZT7a7NivPzESisB4mln75UOqkl3eIeXBzkdV6EKcnKE6M0scbEoLjp6QYOr74OfeNDgh/4LZfTcVZ9BOexjtqEi4dEgC5vaWASNfjwAjQ2ftKVWLOAuwmVEkfEWDUMfZM66oJgDswXFC7OTKIk7pzIFiBqtG32CkHJvN4NqR/FcRRGEtdf7O/VqkgJuL6oNklc5LQLjKeCDV6PAPfa4oDji+zCqHO22SXR4yG/uR2/O+oslU/qdlhU+O7fG2bMlsxBJjfn2ssSXNlsOnQUFcyRcp2sakXm6m9mAE5uK8tuL2xQk96XH5tudxk9/bE5nVhJMK1svxUDPHHpuYVYPFR81/vYoUhD5P2TKSIb4EG+phpkcvgHH1lmT4UmyQN97E8+ePAXHCSCOq0xUp8d+/nyyNPVaXfe2UKpyJNq4JknOtl+ymbyZvtqXyGBy5lPvZyn71T6LbtViLm33V1h0Onym9t4PxJtY9F/b29XMwJwk36jkXt7jsUPnR97Ayh0dScWmesr1t4SWb63cZOvGssZrTq9AmktUiz7zJ9haEnVLaIKiXGxHqTjsoZ/3fMNAWSX0bHc3OPDcxlmMRQyhDw7S4u364Qr8WxVKZLP5Hd+TlVYcsNlR34woiWPpqaYK5JGQBfiYDASXaGvNlDMy2C+plVLGcXlqf+ieZgp+55DzR6TxMUOTaOTSmu5wzMsFlGMmxpsNRIvSIeWubXTZHobJphBICkU0MgHyUBObQiYhrhc8VGCfPRW7cSLCxhH10BQd93D8fDX3XliuY7M416oOHV88BI1434cb5a1XykgiBwWrpbcsMvFQhi1Hal2MqeLlFKZjgX7XbdZy5GlUgSnVM3/KF7baO+GkeZEoEOOXy/VI2GwPI2Ia4yFxXShffmNJxef5UsZERvHFsMTzeh1g/p9WxMsQA2F0taKZ7FcJ18TiZBCv+jHc89LbFI5Dx1vFA1G2Q5lXaWEJxHP9RqT4xJXE2oZF1ASfkwiXOr9Tru1p1v7p2ygizPHq59xb22mWne3QFz1vSVtL2Rhc3Ec8KohZU6YJN8sX7jbH4DXqdsZfdb77E2eE2muXa/tnSh6/ih50ivcS00MSSon8KZu91R1UzQ6X2wR+qthYGIMd24K43NnrWUSV8RTbKdJQKIc0wwd3fXxshuOqItkWm1xqlyHOZSHFGEZ/0Viit6j7Fn26jgqdy5sEVf2mTyR5dAPrGXGH0NWxmN6JyQzOVaeNN10saablAhd5MWuVnxHAS6v4EAn51uvkRQxPYKTNjHBPurtX//aJSgQIeajo3QdGejDyw0126cqmTv2gzElMCMGCSqGSIb3DQEJFTEWBBSx0Q3w1gSYnAEUnXVq892sH1zT0TAxMCEwCQYFKw4DAhoFAAQUWUVojQ5AvHJTWzEeyQui+brbjG4ECABgQBfFIFXiAgIIAA==

Client instructions

To make clients trust your certificate issuer. Please do the following before connecting:

CryptographyHelper.OnValidateCertificateCallback = (certificate, hostname) =>
{
  X509Certificate2 issuerCertificate = new X509Certificate2(Convert.FromBase64String("MIIC5zCCAc+gAwIBAgIJALXYhAehA1PKMA0GCSqGSIb3DQEBCwUAMBkxFzAVBgNVBAMTDlVubmFtZWQgSXNzdWVyMB4XDTIwMTAzMDIyMTQzMloXDTIwMTEyOTIyMTQzMlowGTEXMBUGA1UEAxMOVW5uYW1lZCBJc3N1ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUdxKNQjjCBOHjZSORE4HQxix1f0q9X0XucrICWEBMEdnrhr5BjYcBaNNs2fa6Boo8g1gKrDKisHpbLqBk+GX8QamLB0bHBlNvNLxZKEhnH8HTPx1WWXMa07DgHK3pcGqazCf5dehkv1bzRvClzKM8aQjChy7n312/Hv3cAg3pRHwLAjfgYXdFeNqxntbKxLOnzUkxn6MHKpoYi3n2V9Co27SIf9avzBZp09tGXXwbRc4UhPhc22GJUtjhLta+VV6oahSuwXdjBMXMGFEaHr8OQVhu/AE39Q2ukGTnPj77bd1Z0dymzjcADfZyaLZW1qgk2OTi/YDvFMyViq9BU4GzAgMBAAGjMjAwMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMS/Zm4bA57HeUtMXwdT+YYKojOFMA0GCSqGSIb3DQEBCwUAA4IBAQAzkvOEHHNBTffsYGfDk7lv3+WvGGQX2yYMwfGa+mts4sFcasZ4LLn76wdC9sDQHHV7CvXwVSUirteYRJx+A08gAVoel22A2n/QL+Spl6f6iUaQJNwGD00rWEZFw/WL7KQ6wJks+7hQ0oufI4IjcsUr+b3Scud7EWfIYfWXzNLpxM0urgcbTg92jzDiTKjweYOenLpqX3/SPjillbd1sWj3Rm6QOVqSXoMHTvLvfqIgOCqAaCRqUqnTTLXPDKFqXxVvwSiIk2UIXKPv/J8VyAltw7WbZEHP+SuafeTQsiQ6xUW5P9GqapCiyf0Hq5j59SGpcGA7xkpd/aIaKn7ErjNQ"));
  X509Chain verify = new X509Chain();
  verify.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
  verify.ChainPolicy.ExtraStore.Add(issuerCertificate);
  verify.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;

  // Check if the chain accepts it. This can mean that it's from a CA we trust OR our own CA.
  bool isAcceptedByChain = verify.Build(new X509Certificate2(certificate));

  if (isAcceptedByChain)
  {
    // Validate with the last added CA, that's our CA
    return verify.ChainElements[verify.ChainElements.Count - 1].Certificate.Thumbprint == issuerCertificate.Thumbprint;
  }

  return false;
}

Details (Advanced Users Only)

Property Value
Issuer Name CN=Unnamed Issuer
Issuer Key Type RSA
Issuer Key Size 2048
Issuer Validity Start 30/10/2020 22:14:32 (UTC)
Issuer Validity End 29/11/2020 22:14:32 (UTC)
Issuer Serial Number 00B5D88407A10353CA
Issuer Thumbprint 7CA9CFEF51434790EE2A98ECC0BDF83A7E086B1C
Certificate Name CN=Unnamed MLAPI Development Certificate
Certificate Serial Number 00EEB1F12C7ED2538F6AA7BC18661DC148
Certificate Thumbprint B1D10DF0D604989C01149D756AF3DDAC1F5CD3D1
Certificate Key Type RSA
Certificate Key Size 2048
Certificate Validity Start 30/10/2020 22:14:32 (UTC)
Certificate Validity End 29/11/2020 22:14:32 (UTC)

Keys

These are the keys that were used

Issuer Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>Fzf0BQ/pl/pknS8eVepl02T00tpYVp2kzMwn++2dCTMiN4UAIbXPvS2xfUHMnsO8M6S+6FutJO5YUMKlsKMcshaS6qie6X0dfResRaoLT4m+6tEI6bjYxWPA/pzjvJEWdVg+PhrOjMQEQo3MGrJkXGO2G1wemiRk4FAIuhRXZNht8B+VX+SJR5coXyYUE+Yf80tdiXm1GiGkCmUMTyNbjSImIfSB3wqkA+zmw8wLb2W54IZnLwN9sVVbVAYKZZ2+EEwmEgJtCMsbkkDoEG1HUQvdDz8wj7J/NfRKzebO2CnAOM96eTkOHcgEA0537u4za92Hkgau6jj8YahPvXyz0Q==</D>
  <DP>AZ2Al5lKO5phBJUAdfSyHai3wg2gGQtiP3rAw6aE6GAGnagkdKYZzMCER4DgorG3f4ILHAOPkEkLFmFkhqrvquZcssGM4IIr81kWRDnSTNQwyNX9FIRjw8AcNdYwUz/sKclSXFIKk3mM1opGRpzOdFcUb+Dy7AGYSRAs90NFUHM=</DP>
  <DQ>kuTI6MmRt8Yp4G4HRaJUj+ZsuikeJtHlPuAPnP+CtY43lE64j79/naklwmcfCrfUIqlaTL2KtRQspeqE1Ov+fNih3C44nvDmwCpzBowgbHTKZjcvSMvla5AUDaaUrJ27gbG99z/zbCtkqwiq4l+GcYgqDyTPnSzeTT5hzPFdPRE=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>QdknlslLIwRaTRz/xImF+oFmmKzJdKJbJ4I2esxbaewXQUNfrkiDh7kGhyVbBGojUP0yUzX3unxYHR1OChokfVZubuXCCbaltNvJsAP2F8nLIKBYLHxrTu+6EPhu1I/3IbsnFPQcf8x5wd1fp/XfuWrOWJAXNw4+2cjxWbza/tE=</InverseQ>
  <Modulus>1HcSjUI4wgTh42UjkROB0MYsdX9KvV9F7nKyAlhATBHZ64a+QY2HAWjTbNn2ugaKPINYCqwyorB6Wy6gZPhl/EGpiwdGxwZTbzS8WShIZx/B0z8dVllzGtOw4Byt6XBqmswn+XXoZL9W80bwpcyjPGkIwocu599dvx793AIN6UR8CwI34GF3RXjasZ7WysSzp81JMZ+jByqaGIt59lfQqNu0iH/Wr8wWadPbRl18G0XOFIT4XNthiVLY4S7WvlVeqGoUrsF3YwTFzBhRGh6/DkFYbvwBN/UNrpBk5z4++23dWdHcps43AA32cmi2VtaoJNjk4v2A7xTMlYqvQVOBsw==</Modulus>
  <P>/xR8DX+Wcx1gNRAQoRlV9qT1/Sb0sVaKtfn7UF4bsZ3pmNWBadPcv2yWhzDReIGpKQwZ8ZvOjkEAQur4BJpsd7DLBbSEC8AhA7lwdn4qWSGwcL8tV+KQbvV9MPqMTKT1VW1GuBMPH4nBIp0wC8VwXD4qicytT+UJqLBxKD4K7k8=</P>
  <Q>1Ts91lOSJBt/qcQ2F5jnoW/071zVvrl2a/Izj1DmvUzwtGUMcXNUPmCBEyXRPgapZUGZSjBDD02lj2gwcYANqKDBXBubdj6WG9BMH3nzHtpdpOB7YmKm7cXjosvTBOPahx4YgEWOEv/7aNbG4kdnf8ygFAsm6Lto6VKqq59BYV0=</Q>
</RSAParameters>

Certificate Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>du1o4Wl6LHEdd0F6uCvMiPWzuUmWvzxQ5qmhnk9h4l1fB3wfZU735LX+jR6UCha7tsARKnAwwZttk1tz1EPyHfyf+YrLnxtTHzDwMQBqFbWJSkpGtv1F3AgB9tv4620RkQtxu+ZsqrTzThP/hELoV5h2cA75scqdFG6FiJy+tnr2LYjLXC9nxp+TGuSOFcyT+y6GfyA1hBxuRpPVSyJrdp53xM0tcDpNLLXZSKMVYb96Ka9KoMZLygYdiq7iGddXHAAye6gJnbIszd92q6K5PAiqMI3WIkx8L3aEFG6dQVnkU9Dx+I+uYctM69yfkTXv+gIkhqTz1F0EfXHof6Zs8Q==</D>
  <DP>CoMZ6/DPIJ5pvDiHGa8/lVQdmBDrAojeDQGDJhhP4e7A5+wMmdE9M2aL7p/2KZrEUz8Mao3UFdosA0Ww2yH2tbRirfkmsxvAa+GNHFaylHLaA6naeCUgom2BmvcBw/4ewvWQAglDX5AVeATqM7ir7yXT+JtwFn1bMOFKEd5z/uE=</DP>
  <DQ>KLpcK3elsG8JXE9V57WT2RndE0hDWWC0EqyRGeecBCYWyStTR101OZsr9GWS4MUrVhhaWTkbVLbFUoIhsbW2rpoSFKdW78Gg0uXUffzRMx3WKuA4/k48xobMHH4gHdqFLGdTrYjdAAt80wB5CmLbY2uaqp1zs5LWrKzo2asT+HE=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>o5+4VBsda24+VtqkPdVRsQIT+pxyjl/C4TAhkYb3ndqtNnL8K6iKmGrVUTm7LVY60EAJF+qj8U73GmEFzDEUlqSeg3fGy9m4YCwJ1/IHRwPVwbFwcT0j44vFo3qiOk02VcWOFfKxlaIyV069pUqzfqREbhYSF8QQkkmEVmgYFJs=</InverseQ>
  <Modulus>nL+FLFmu7r0kZBRwaKZBos31/Hw4owkKlHPHcw/g9CehIRw6aTmrIb3+U80uRwVyLdHeprE0VnlK5JhZC6zqsgvkhMLXv8iSw3R0PZ6RDV0EOIcEbyTd9yI8qcN+oJ7Njm5a8DSZYzVD/s1Oe9zkEThv6KIp5DiA1EHJTHnesjD0fc937ARvl3iV1f/QfI0RrEHeKQmojw9gI/ImgeBDt/m+4ZAKNOkjuofRzev5q1WuBqbibyGl3UmkhGtB3V3bJ026zllG5/1s/+Pe4bLJihdfKpf8Q/4GIWxM7Lo0VyDypT13WQ4SCEtAafbLeCtkOK8F59d4DfVltF/n52ljAQ==</Modulus>
  <P>zgU9K7E651Bo7czPLJTrhwUfjfji3gALeTrOXL5QZskZAjd3QzP7dKaIW406TT0V5U+XZTl3GF070s9SIUmiRXFUsoNrgMzTQ4T5tsx45D5Z6j+NA6TOW7lEBFV9x6WR1+j0VTn7xrH+K6ptrO2ZtWrNqPz9sqMJqf0p40FeHI8=</P>
  <Q>wsZBkOJILwOexgc2+mLZkV4d1fTEGmDLAo1yJdKt4A7ZlCPM8J3AKiapKgXQmEkn0D8TAk5k/AEVi0XemJKc/5DTSr/ON8Dx4yHDZX92NchH5YShX6F1Z1Vh8r27epgxJb6LX7rap9YYx5vMMiMT/lZX/XYuDGBvLaXWk7m3b28=</Q>
</RSAParameters>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment