Skip to content

Instantly share code, notes, and snippets.

@MidLevel-Bot

MidLevel-Bot/quickstart.md Secret

Created July 17, 2019 02:35
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save MidLevel-Bot/594729e70ca1eb28b32f99a28b5337ea to your computer and use it in GitHub Desktop.
Save MidLevel-Bot/594729e70ca1eb28b32f99a28b5337ea to your computer and use it in GitHub Desktop.
Download ZIP
http://cert.midlevel.io/ Generated on 17/07/2019 02:35:19 by ::ffff:3.92.28.84
Raw
quickstart.md

ONLY USE SELF SIGNED CERTIFICATES INTERNALLY OR FOR TESTING. USE A SERVICE LIKE LETSENCRYPT FOR REAL CERTIFICATES. THIS PROGRAM WILL GENERATE A CERTIFICATE AUTHORITY KEY PAIR AND A CERTIFICATE SIGNED BY THAT AUTHORITY. CERTIFICATES ARE ONLY VALID FOR 30 DAYS. AFTER THAT TIME YOU NEED A NEW ISSUER AND CERTIFICATE.

Quickstart Instructions (Basic Usage)

Server Instructions

ONLY DO THIS STEP ON THE SERVER. IT SHOULD NOT BE DONE ON CLIENTS. THIS STRING CONTAINS A BASE64 ENCODED PFX FILE, WHICH IS A COMBINATION OF THE CERTIFICATE AND THE PRIVATE KEY FOR THE CERTIFICATE WHICH IS USED TO SIGN KEY EXCHANGES.

In the NetworkingManager.NetworkConfig ServerBase64PfxCertificate text field. Enter the following:

MIID/AIBAzCCA8IGCSqGSIb3DQEHAaCCA7MEggOvMIIDqzCCA6cGCSqGSIb3DQEHBqCCA5gwggOUAgEAMIIDjQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIHlYygjZsO7QCAggAgIIDYKbkF9RBDd1xhwzRINUrGOmw87oDJzAMeTHU0bHkJguYFrO1YTX+VNzgmXrQ52xFoMTahVWa1CqzlDfuFtcTsk7xC/E0t/9G9HLhBdBdkZHTlpdGzA1jXEDRjI1ZA1Gb0hmHgGXFVjLKrOCjXOzQy0Wk7ZzJhfYJd5U/OC42cW17EJ6Z7b5o280DaiuqXOQ6UymBR14pTjWfOxE+erXfdygkmf6oLYsknLRbUf8n572C3wHRBABHfMRZLiLnnRg7wuTbFd6UI/ycuvVemmYMU22+RWlHxcp1e50oH22o35ISSfM6lhpkp7MtiDdFxCn3ztf+VYcAliU1QFnFwpc5y3R8ONRD2+UjYPapEg7ImNS4lIIq5uJViWfJlSanxIgQXLL3EL10KiiXyVo1atZlevXVlcogYYxCAtLoRqpMRzT3iaEq02vOoz5ISdLv3QvNOrmXkFTi4H8hu3QWhL0nnlU98kMjQZ/e8ADK3cRcBPd5tqwwydG6bth1bZ/1jWYLYZPwQMG7vWvBGCgqZxFpjrs/ICcawkR+Hbyp8Ub40o5EUzfwAS/XKODsAj5MPLtP6iEaYBj0sbID07gBVtTFbxq4qxKKcYIKMv3md//PCbukFy4Dot3LoW13o3cAMU9B37mg7GKRDSkjD8ZXeG33YqLFqzkbr/Rot6HGIiVZS2xf1d9VNl+Ecmdvg4bHaqnUC4/sJBwy/uqgxA/AkYmgWszDi3zUppC1VAvLGF3+cq1QYzvBfsemcIEUscqf1l/xQ8f0vPPFVvlVQeqH6na4YVdZ/rdDCE4eRY/02j5C5ZDG15gW4Ms0Xx0WtilNBIWF6Mo56K5aV2rUJPH+ucG9b1OM+OhfVgmSri9IkXM+FPmdkVUI2hGEDvyTnW1oo5eHCuWizuIDQY/jAbuXKVf5OgY+zAoKpSmV0sx2qpyPtd2I9hmETOC4djN3yziNt62Vc6h6nsM8/Qiq/Q7pz9Zh9a2Z/ORmDwJh3PgjMlrY+hFG0rSv1xUOwgHv4B9uF2/diwG9Rd6M7zUY4NYLR4+1TFaSmSeXPTzklmJzK2EChsUu9cOhNYTNHLyZ1J00hegiwR18oasVqYrmM0legIjKMzUdw8UwZZPVC/D71uStSZr9BtgzTGTkSG97pPeAW8FdajAxMCEwCQYFKw4DAhoFAAQUI8s02vJ5hFV0X+oxtBSjSjnzHXoECF0zf7+TnOHRAgIIAA==

Client instructions

To make clients trust your certificate issuer. Please do the following before connecting:

CryptographyHelper.OnValidateCertificateCallback = (certificate, hostname) =>
{
  X509Certificate2 issuerCertificate = new X509Certificate2(Convert.FromBase64String("MIIC5jCCAc6gAwIBAgIIZYCkAJ8TyacwDQYJKoZIhvcNAQELBQAwGTEXMBUGA1UEAxMOVW5uYW1lZCBJc3N1ZXIwHhcNMTkwNzE3MDIzNTE4WhcNMTkwODE2MDIzNTE4WjAZMRcwFQYDVQQDEw5Vbm5hbWVkIElzc3VlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMBJtdo/8GRuX84Ygsqkkl/qyMbckh6qkxT3s/7PDYiywKWCWDs/KlBFjDPx3LqLOhMExlXNJK9Lv7qRK8al0pDtsYRusW0j7tzEX6YMjFed6rBCu78AtwZ3SRE+Nw2vilokiDA9KiuUHODyMjLt44/0nY5LAU9pJ6NUj4qVLyr7dGU3qQHR7Enwixox5LCQE9xQ/Xx5ouJXTmr5QSslw4z3/hrMBTdHmB0K9MHq2k2TJqidMTk0oJbDHqHFM2LCiHxx/L5J+kkCPRkD/3nSfrs5kVMCU2zjgXO4LftBQ5hvebW/pzgYp2ZsISEeRb2fcGWRomIC7HJm3Dck5yWxR2sCAwEAAaMyMDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUXD+PMqpXbrdnPWMNkCbm4vjYeDEwDQYJKoZIhvcNAQELBQADggEBAC9T5wzoQnBwDfTtKg08c+yXFpW2SZeo3PDiehceyXiwCuuP9EvK7CdNpUzC0MZOxUYaqqkYcIO9ZtROwuszNq9OeJKv48VsKjdSC5MDrbkSUpOEAZF4FNVCo559jrPZKVbtWmkkErQEkeYo7J/yOJCoc/sVP1/OQvq6MrcePYlrWZ7hUiYI9WU5EMcZAzBS3Z3BG4RZTciaibPeq6Vs3PSdLHOrDUv0v88+w3ucW8fBaoUsABVtkAfnMzMwDAYIXwYNj/XOdV0Rrj2+n2/Rgc5PXNuBdAAicMfcTcEzW7kRlGfadkrvZW/o8fekdQuYl2FK0SZu+XzSK4PlR2UcYbI="));
  X509Chain verify = new X509Chain();
  verify.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
  verify.ChainPolicy.ExtraStore.Add(issuerCertificate);
  verify.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;

  // Check if the chain accepts it. This can mean that it's from a CA we trust OR our own CA.
  bool isAcceptedByChain = verify.Build(new X509Certificate2(certificate));

  if (isAcceptedByChain)
  {
    // Validate with the last added CA, that's our CA
    return verify.ChainElements[verify.ChainElements.Count - 1].Certificate.Thumbprint == issuerCertificate.Thumbprint;
  }

  return false;
}

Details (Advanced Users Only)

Property Value
Issuer Name CN=Unnamed Issuer
Issuer Key Type RSA
Issuer Key Size 2048
Issuer Validity Start 17/07/2019 03:35:18 (UTC)
Issuer Validity End 16/08/2019 03:35:18 (UTC)
Issuer Serial Number 6580A4009F13C9A7
Issuer Thumbprint DDDAC1D7C33102C98636544E95963F6A958A2B84
Certificate Name CN=Unnamed MLAPI Development Certificate
Certificate Serial Number 00A7725EBA494C9F39DC3224E86B5F5AD9
Certificate Thumbprint 298174340256A2492C0836D872522D99396375DE
Certificate Key Type RSA
Certificate Key Size 2048
Certificate Validity Start 17/07/2019 03:35:18 (UTC)
Certificate Validity End 16/08/2019 03:35:18 (UTC)

Keys

These are the keys that were used

Issuer Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>ZaBPcXrrhVjkX5uKvKkAB5uh46A9xeFm/OTxh5FM2NuIf7EFCsMWjPhE4ktI2nqtBdI3NK/IXLFPMr55AXMwd5J4iMKsGT+thZZv6uWk4sW+fMu4SHmLQeqXfnqAREZre7rlE4GwIPoVzTmUGGCsLbAd+U9g8ORlo6gUeSzhkfgLgtH8N38AmPr9Ve5z3msmnbgk8KXCGTFHLksUMVXzYwhba5Iik9BInjqMSCHFKhzCZH4adDq4Eev6HI//R3W2nlvzEfntecpQVyKyAG7OzLBvL2jv5y4+vxlosqDkjI2XWQB5qdmESFNZq0Ylv3uKjmgEVPttjJe8rR0k9JjWsQ==</D>
  <DP>1hBQPfD9l/SXniortuJPSQyFEMDo5rGOzwN22H/wp/nZ98f28KLYtskkeGTQ+FHfmO9syYxIdhniyXBwsrOAaKDsKGOevZbv1Sz/8ljYWniLAYaNfUyEB83RRpi7bkRLzxdHwUI/nUnfSfZyToV5mlLgnsR8XJUAMNWQqlZGqgE=</DP>
  <DQ>rPV7bhgvwd5FSv+/zaCGeRlkD/ploDb19KTZutLNlVOepZBBsey+4NqWqCbBGjGUyOrPqS2W3+jJL0FO+twxKYVTMQeS30Hhpc+/qVLUf1mWf7ln0cZwks3MAjEVbvBKUIr5VcRB7morttCyVZpOyYVbot4cCPECLzRwGQ2VZI8=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>vjlq5CGVaCxwp4Bu94e8X0pnKsTxfw/A/EU2FU3uLebaNx6YCUyvbXHf+cH2gsMvVFQzgxOoGAHJvSZ5YRaTS2rY4Fk9s4povdZjTTOTrcM4x7KpiFfXOrtk9miMw00rWHbvIK2hO+PCrQ5rSHU0WblQmV1D5FxCvslj192rJM4=</InverseQ>
  <Modulus>wEm12j/wZG5fzhiCyqSSX+rIxtySHqqTFPez/s8NiLLApYJYOz8qUEWMM/Hcuos6EwTGVc0kr0u/upErxqXSkO2xhG6xbSPu3MRfpgyMV53qsEK7vwC3BndJET43Da+KWiSIMD0qK5Qc4PIyMu3jj/SdjksBT2kno1SPipUvKvt0ZTepAdHsSfCLGjHksJAT3FD9fHmi4ldOavlBKyXDjPf+GswFN0eYHQr0weraTZMmqJ0xOTSglsMeocUzYsKIfHH8vkn6SQI9GQP/edJ+uzmRUwJTbOOBc7gt+0FDmG95tb+nOBinZmwhIR5FvZ9wZZGiYgLscmbcNyTnJbFHaw==</Modulus>
  <P>3+gZbEMvXdGmH6XTa4e9PEGxJjO/1b8bdXv4h/AWINwvAn333RDGDbxilqgtW2cgE6xYnemV2CHVhXBq1QB4ZqQKPHgNu7VmKW71aCzCPHk5PguRJLcMonWDFy7Qstvj1pD1o/71JW6Yyr6cp1IkNznE2CS4OZlZ+hMYUXufxbk=</P>
  <Q>29lpmjjC4kDzTOaoHjrMWGZEy2LeqWzLA7kRuBjJySkYweAHy9aD0FJXF9CogNSBPwp8ACAYYGcA1FLev73N49HtNqfVLKfY/fJGC1K0Rt+cgRMRqsJMo4uM8ligb2hPU/PqBJDh8vZBBN91e5Tprj51NZP7XiPfxF8Hum+oyEM=</Q>
</RSAParameters>

Certificate Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>ef4OpoHJuXvKHsNgsVpcKm2ju490W8MBDlI2fHmXHdnJkNXYvC1Yd3kG9xEtOmWLaKY01/9YSKEIrMFJdNgZRxAJvLMbKa5LNADm+YNIxNAgbuck3UCTtBn5keTEaP8bWHIca8xT1TYT51TvTLsIWY6Dubg05F7imNaREPdUsUiPijy1ZXjKz1J3x7YsAmtJ4v+JuBJBBd51c5mgMIiTJE0cNDL+ki5QqVXyegejc4h8SFqQVpNaTUVdsrIAZlrp7c6OZg8BBlqnHZG3YbY3hP6htG/LkrLg74UkNIQB0LhjotAQ2MOJxhoT5vRNKAcTSM8PMB9LZR//yje6HtQqbQ==</D>
  <DP>ZBuB8t/LDMGZQbmfrF2tCOujxQiFJO2XMnLaXSoiYTn5NWRck8rl+mEbEDCBVqJqJLhOq9RhLcygUrrGZjtCM4cm5VfJ1+Y4EgqPh3vSDjo96GcCJO1M+zAK+Qc3iDlLM7CF97okZppp8PBzNagyHa+FrvgKbU3+QfAyZVz4bJU=</DP>
  <DQ>RbOkSz4nMgFHpYIj8uPw7dl1MX26ZKLmRE9ZAc7Lb4qkUYqeoZwhSj+7CpFU/uWzZoxm67pC6KQzwGPRONohTFoTz5DuIZyZMfGFpDkRuaR17Zu8EH6g0g4TX/SCqjVJ2fJC5X7jvaPjqzW5AHF2dVRIE6cOV2ssNO6pkTFbnsM=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>2ceC6JayfL2m4NPbPwZh/Gv9/HOu8zOEZvv07UX1kMnnllXmVFWYbJAytduneF2j7OodDstes+mG4iIk9q5A3D4hZIRGNXJs7p3VI4oYKIgpb9wrQXO/1ha8sqBmTBswcZZO7j6h4jtW3LwUTinzLbhQEhKMr8/KZLw0VHLUfyM=</InverseQ>
  <Modulus>0aZ+RnL34QzCPMocdF6+c/INLc+Liai5IFvCNG3SY18t+0G16mJ74xcn8xysVUYMfMq+D0RAvWwzupnPPNmtJIHja8hjfel2tTYUaQiB21byxo3YD3MWVrPu0FjC4GmA8mcM3kJBOGifbfwOl4BFvRBXYL2Qy+Kyk8LDcF8YDorav6PG1XqyKqJKiP7ghKP0b8KDw8rixnqS+xSiIX5yAjC+USUmW8/23ofdUysXgYTTHBwkYsDXbHgytl3St98u52L30pNeMgC1NQWd0rgwOGgLFTc2UQbNm7s+aM1x8oVWg6p0Tmus0+wTe5x3CFME2xIWWinCoU40aCf85DV5OQ==</Modulus>
  <P>565U2snLWtwXrd5rV9QdD4BAFTqeQKTbpAaNbMII0UPzMYALgCGAOC99+khfGFDcyiklOo3CXZmvLMbk8VoP75hinWVVSESPfPosmsxbuN/fVaeurISVIZ7kSt9et9ACboE3orTODPiS6k6dY/9GVOJTDC8FhtRCdnwbUMJhUpc=</P>
  <Q>56gpN7aaai0fT5D+UAxOEs207A7ZsZO9DW6JSno7hAThK075ZRqWL3Nxe6mIElBxXZZrkulGrMjD1ZFiiDqawanTLhwxoDMIBGW5hziQS7CYE6amnn+HvWly2xBGZmDtaYkQ8Fp6OSTLz+EayOv0MkBij8GArLzPqvn+4bK2nK8=</Q>
</RSAParameters>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment