Skip to content

Instantly share code, notes, and snippets.

@MidLevel-Bot

MidLevel-Bot/quickstart.md Secret

Created December 15, 2019 01:03
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save MidLevel-Bot/27f82ccd89dbba23463c3abf041b3675 to your computer and use it in GitHub Desktop.
Save MidLevel-Bot/27f82ccd89dbba23463c3abf041b3675 to your computer and use it in GitHub Desktop.
Download ZIP
http://cert.midlevel.io/ Generated on 15/12/2019 01:03:38 by ::ffff:3.81.29.254
Raw
quickstart.md

ONLY USE SELF SIGNED CERTIFICATES INTERNALLY OR FOR TESTING. USE A SERVICE LIKE LETSENCRYPT FOR REAL CERTIFICATES. THIS PROGRAM WILL GENERATE A CERTIFICATE AUTHORITY KEY PAIR AND A CERTIFICATE SIGNED BY THAT AUTHORITY. CERTIFICATES ARE ONLY VALID FOR 30 DAYS. AFTER THAT TIME YOU NEED A NEW ISSUER AND CERTIFICATE.

Quickstart Instructions (Basic Usage)

Server Instructions

ONLY DO THIS STEP ON THE SERVER. IT SHOULD NOT BE DONE ON CLIENTS. THIS STRING CONTAINS A BASE64 ENCODED PFX FILE, WHICH IS A COMBINATION OF THE CERTIFICATE AND THE PRIVATE KEY FOR THE CERTIFICATE WHICH IS USED TO SIGN KEY EXCHANGES.

In the NetworkingManager.NetworkConfig ServerBase64PfxCertificate text field. Enter the following:

MIID/AIBAzCCA8IGCSqGSIb3DQEHAaCCA7MEggOvMIIDqzCCA6cGCSqGSIb3DQEHBqCCA5gwggOUAgEAMIIDjQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQI9iYlO5TbVoYCAggAgIIDYEYYBD9FI6e88zfOH5BhfEiwDcCmHJx0K2AVygGs66ydLP4ULQz0qZHi/q7imuam8uksCuj+tqV2DZSJTGVn8jBNCoLAAHglor1nQxKh9FvPkvbT4QzLL/7qrzB3k9BFHyQdIzRsM1ikNfqO0SQY6j0L851+AxMowFX4j6rvGzLVEjyDQ5D8EIzHTFzFGZBmeZmAKPK+ErSNcH9FuDuCTDSm6MwGACK4T44GKw8Rw4AISF3uNUhSTZZTLN4Nlih1cZPpArgj53IUSWiD5JiHFsJJCRhPTz7Otuf2YjZgrUPLQB/J2lB3OHpoZQuJPjvgB1k1tRUBAKrYhanCAyfjRBmQ5tzP7BRrVzaGAeyFey+nZymbxA+wClUwEJcqyFpmnIg0T6N4ODo7RiW/Dln8GcSpbnWhIoFnBRoHgq4SwJDTf6BKZh9IipF0VcLYGBI2vGKyXyukoMuaoUGUylFgcHw1Cq2gwjaTixoTFXgVQ/98o86eZZdW5JQct7kupRN88yl5+9nZvMVYam7f45u26z+ULoOGrBJR6jJx2LRS/dbecmfp3xZ3+ipJxScvv6y6kuHHialseGcYATvfORLQYKhwpV4G+uLBFBf/XyMpPFNbHcSiDrNQEOW1pu1Va/Nw9sWqBdGVFVnSc1lkDYx1yO8XnXi493Md6P5wkf7VFg4rHZTXncm5mnuToNU3hSghqp+jJvqPJS7LIGABFWfmK82h0PwbiGXS97Q5uYEZjTt7LN0Vl9nOiiec8I3ctJ0zeiX9q6flsWyfgoexi33eVO/sZI/KqRlumuBpqQSvQm5CARnxDceWk0gCxHKrFKDgayl+gKI8RUmS3MPHZbDblolYQ1g20IxoH+X30e/cNMiZQAnWJ1qLL/K2ctfjJNY+7jcXuHTYpgse5ZME2p3hVAY6/J3o63QgdNSOZ9pNUpfxZ04idgcwSm6vUUz0kfbAQMUgZzuVYsQfAE5f3ZAjGWbMm++ufa3RBzycX1c9HpEslOd8ktNNwXKMUsliEScoeDYOJqrplpkduPHyYQa0lNqHqbljw/xo3easT6q75noEODw1IeKk7NUgP9wyKSbeCr3RAe1GQyxTrpkief3D/CEol5D6k36+VDplXtpPYgUfKBExSmjF4pCgyr6/APutSjAxMCEwCQYFKw4DAhoFAAQUyi6OXwMyu3SvzzamJ+2uKyQZgRYECMVFZNNJpvgmAgIIAA==

Client instructions

To make clients trust your certificate issuer. Please do the following before connecting:

CryptographyHelper.OnValidateCertificateCallback = (certificate, hostname) =>
{
  X509Certificate2 issuerCertificate = new X509Certificate2(Convert.FromBase64String("MIIC5jCCAc6gAwIBAgIId0gOPM7xRdgwDQYJKoZIhvcNAQELBQAwGTEXMBUGA1UEAxMOVW5uYW1lZCBJc3N1ZXIwHhcNMTkxMjE1MDEwMzM4WhcNMjAwMTE0MDEwMzM4WjAZMRcwFQYDVQQDEw5Vbm5hbWVkIElzc3VlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgdvd0rDi4mRbVSVkxniNenJ1wqBHvmEO1rrjT6m4aU1/GtnvyExXYrnJQWHlAxTuFb1E8Em4pv0JUGMOzrbdiFF++SICIaAB+KaEvefkw1Q8aoDqKJ7CzyXJ1CwDqD5/z+6ZfSUV7j6+kldlzUiNZsUfzTTttoInmF18tf/xEFpADGqeXwdbf1n6GQttf1lNmf1VHTuVTBQfvIGsZnJu9XtuJtjHBU8L+HW23NWDBuZAr6274AvE8XMm0XGBlO0jkd3vpUjralVTKhjC8P1SsNA8Juok68m+fE4CBTJk4T31wJP2mj/H1Yjk8LZVXIxtXeruCWyQH+7mAu2KXNTNECAwEAAaMyMDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUhELGSpiNtBX9O7ZHWUSI3Y78Gk0wDQYJKoZIhvcNAQELBQADggEBAIJK9q/Lw9czsHOkuen7qf7gYTVlSSRHNjHNOcmVCCAkKAlfrNmDTeBhE9bmn9B1G9d7YwpCY3JyPMKBdqiOKSm1eBgs4WqpCpQ1pbs9luN6OQMUzIMCyGSDjUg68ICZmaD+KSPVfQq0STez7PIfDce5ma1EPRo2OtaKHs37VQuPlm3glBlsNPQuxS/b8ELFhhJJdrNBvwV/sJT3CqjD2TsYqtcSuK2AYQOVal6jSjnmtdK6eATIiWYumceOE/Vap9axIW8m/8uDCKbR42PZi/vCDcYC6a4bQ4Fmow99K2Qc6rKbPnjDGpzHkhdZ+yBrf3e09/JsVTGsq1u5UCVcjuQ="));
  X509Chain verify = new X509Chain();
  verify.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
  verify.ChainPolicy.ExtraStore.Add(issuerCertificate);
  verify.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;

  // Check if the chain accepts it. This can mean that it's from a CA we trust OR our own CA.
  bool isAcceptedByChain = verify.Build(new X509Certificate2(certificate));

  if (isAcceptedByChain)
  {
    // Validate with the last added CA, that's our CA
    return verify.ChainElements[verify.ChainElements.Count - 1].Certificate.Thumbprint == issuerCertificate.Thumbprint;
  }

  return false;
}

Details (Advanced Users Only)

Property Value
Issuer Name CN=Unnamed Issuer
Issuer Key Type RSA
Issuer Key Size 2048
Issuer Validity Start 15/12/2019 01:03:38 (UTC)
Issuer Validity End 14/01/2020 01:03:38 (UTC)
Issuer Serial Number 77480E3CCEF145D8
Issuer Thumbprint 9CF4B1E8243C0B76ABF41EB1D42168A8A487CC8D
Certificate Name CN=Unnamed MLAPI Development Certificate
Certificate Serial Number 20DD7F2B46C981CDEED3C63751D12B0D
Certificate Thumbprint C465E3665A9EA1933D2F6DC6F7FC1D941DCB7486
Certificate Key Type RSA
Certificate Key Size 2048
Certificate Validity Start 15/12/2019 01:03:38 (UTC)
Certificate Validity End 14/01/2020 01:03:38 (UTC)

Keys

These are the keys that were used

Issuer Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>n5zxDz6XMXzua63wsJYFNOdtIOIwNvURcbIrOTSVBcwdlR/uN34m7TYLrPmr19uXRZllagdVjGM5EShn28yR0uY3BPLKNqYRu0Yy+qrtFMYMdrkUzuYAwEpv7cmDencF8/dNrNegwUGYL+vRO9LoufL39NV/hIg3cuCMXnxfVHH1md5xB21RbbB6tbIn+LICJrbDwgYW8KPG6MF4fyjwcepwijPxF8Sc/vE03HQJU+a46dSFFJQVs2yHLikg5fRLZKhDW2GUsoMeDxij19d1EpxKHPJtG2wXb6RxZSiqToCqTNo9d0V4GNlr+VpD/5kJu6uD7MibZ9w2KeOp1W/wHQ==</D>
  <DP>LIdK8Ryr72jHeCx9iZ1V2Oai7ZhWdfjlRdicm736jMAK7BPpYzAMXxvuz6MJS68EdYQFrZRvjVt68hpx2yyuXX2gw+yvZ5hBlfRaAQ0qOXF7Sej8udghUxHboJ43gxVItIC/ujG0K2xot5ebNFoMbLAXo3yWb7kSAN4Z9Shu3FM=</DP>
  <DQ>GzNwcuEt/14QJvd5buueHb7Pn0Y1/G7l9A1j3HAtpuBNzH7WL1dZe3RW6VCminbvLdwyHUVZMYoGCJi+ItzqkW0ve/ByOCJnBDNErKJ32TSYGgqREIl3suYgzGyKYJ4dnBswltqFU+MjXCYTHKsr9yx3gxHNElWFivq6/gTAaE0=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>xwGu8Vv684+vDkYh9Rgi8xr82uy7XcmAR9plUgVRCA+YtlLwibQXsrmSlw00qGmVwiBviA/f9VYvZq6NSZhhqGwpDI4I5PHj2XY0bckXd4VPFs1jYzIWfCxy75yROIF9PMd6h24ziiNyoakxzJbWsKNnPmt6yzVLqUiwBV1P1F8=</InverseQ>
  <Modulus>uB293SsOLiZFtVJWTGeI16cnXCoEe+YQ7WuuNPqbhpTX8a2e/ITFdiuclBYeUDFO4VvUTwSbim/QlQYw7Ott2IUX75IgIhoAH4poS95+TDVDxqgOoonsLPJcnULAOoPn/P7pl9JRXuPr6SV2XNSI1mxR/NNO22gieYXXy1//EQWkAMap5fB1t/WfoZC21/WU2Z/VUdO5VMFB+8gaxmcm71e24m2McFTwv4dbbc1YMG5kCvrbvgC8TxcybRcYGU7SOR3e+lSOtqVVMqGMLw/VKw0Dwm6iTryb58TgIFMmThPfXAk/aaP8fViOTwtlVcjG1d6u4JbJAf7uYC7Ypc1M0Q==</Modulus>
  <P>4wON28mxvOcQkV/h2gVJWXwz8QJ9i/c4/W3B6fJN/9o8V9bYnHnyezJcrFYg6bjUI53Ye1os19poV+PhSMxF5y+9b+Njt5WZzaey1vCXezRo0UQuBNYaeGLosI7oliuwI45ppRll7LHMgFXEdHwK41BIFPRZOQuGZriA83tKZT8=</P>
  <Q>z5/7avf50IjmkV8f+XjJHp5sWpNyob+Mo/fjMVEaJnYXZkmqbvYQ5lpac429qbJof7aIXMV0jBycUFju37X60n5T4EYSgNLVUkzziLXkUi+gEjUqQJjnQ3+LMoxWgDkxntLhHKgMWyGra62vlCJd7j4Y6Y7Sn8WOmE7kaakCee8=</Q>
</RSAParameters>

Certificate Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>RaDqWDfWGkdFAX9syLBKgUVBJdL/Df/i4dJaprXLkH31MOxWtGGmCHksZmGbvjjHmktKwsJ6rmO3TuiRAOKI4SvOyxOq+ScFjDT4KI9/Zfb/2fXM7nsBfVo5ZjBC1VgEQC881/bDAGkeESxLrPtCpGNXrDjWFJoypUVMtxF56GFBhMO28x4KdvIpS9HEN/1NIe5cet2U1N8DQ+rZIWnOUQP/73S5IHZp0iXqy1w3A0PlqeOksW+x0u7jne2y8y6gr9jfxTqnyeaFhGhiF+t4x+hVb/3GMyyBr3Gn0IzbBirHBxhE1/oD/FFaOWsvsTctayTjHJAs5O4kmn++T4WPWQ==</D>
  <DP>zzbAeld2k3fOK9fptHNoly8PatV+5R09nqcKKjzM9VYN02Y688pVrLv+ww1PDCrEVOMHTUMHqiQ5tyRa9cyBvuJAWIdcvPOYl6ab5l7qZw4aD+rd2PeTYel1dGeKkGB9mIUq8eg67jyv4294hoycnacLRPIE6e75LduWScp3SOE=</DP>
  <DQ>UumOFqN50SCdBK/6J4wd2NAdTB6h9EEJ61CFSK0DJW3mYYvdSsiTxBzuLCvdFYTSMzobdqSO29wxvWqB3KrnJS6eXZTy7R0gwEYd7y1ajgfC2E4bgrjp3fXdlSSJar0WxOefICTzb9Tiq3NO1IWegJpyOgAqmNXPa1czAAYAyxM=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>H3NtbjlsGBr4k+gmLf2czgl6nuwOD27d4qeJzlI1PhTYB1uHt4TqLrRGn4CPmNkmYUbK8MKyJpANEu0om1ItIRA4U5Jo7w/vXD41M3Xi329CvJGHw0LuX8YTZeIo62E2pU/lBS67EKzfjHoPjLnwqZ6Dc0YWKf7hSTqmpn+zqe4=</InverseQ>
  <Modulus>tmQsVmxXkYwFSaVN8KRnMp3JAKqkPMTBFD3jqunUX2u7Wc2skuW89bAi3eqi6mzzb4J7XDca45GXWejFnprfXc5Kn1dFad9tgfG9cd7zEjpH5sOGxYBx3itZ9KjCoiDHpzhRha4R+tLe3F1ojkII8HpBVqly3xX1/MlZfAwVgbZECeakeUx6r8moyNJjNbopZBKmURQQrOIEhhQrrzzU9oWFiqcYdt9TgUqJZdSa78b3X2uYdo2pdvMoGK+ikI7Zusa3XBM8T/8qmX4Abwip4yV0TGcUyjLqgT7/XotdYLQSE7wFDprbpASX6UBVgnelcAfbKCUXisccYJ0+ezhQfw==</Modulus>
  <P>8bV9zLZV22UpK6kNNyNhjnOU8zpUnb7DlLUhy+fm26viTGvRBeSO/uCq4YuCk5ndXo1869D/8152vQeOGS+H6EBxae1cWgmAsGwhvY+7f4Kcg6+T1DW2joL3yeRdbNvLVPs9mV3ZPrHyzhhCJpbZ9GzP+ZJ4ovTlfDZnnsAa6qU=</P>
  <Q>wSzZcO3wVWzbhrY+oNWFPKhG8/V2OFNZDkiKMwprP9WWg+ST0rsVa7c/8azrghjOe3dKygXInZVCu8pxjcpSLqGJj/YaUglIHpGd4rTsi7O+ACwn8UKmxfqppoVQw56049YQLefg9GreHsweP/vOAGQQKtUhhyAL822bBvipuVM=</Q>
</RSAParameters>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment