Skip to content

Instantly share code, notes, and snippets.

@MidLevel-Bot

MidLevel-Bot/quickstart.md Secret

Created July 4, 2020 14:55
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save MidLevel-Bot/61c67e683de698224ba95dc560b377b8 to your computer and use it in GitHub Desktop.
Save MidLevel-Bot/61c67e683de698224ba95dc560b377b8 to your computer and use it in GitHub Desktop.
Download ZIP
http://cert.midlevel.io/ Generated on 04/07/2020 14:55:13 by ::ffff:3.235.62.151
Raw
quickstart.md

ONLY USE SELF SIGNED CERTIFICATES INTERNALLY OR FOR TESTING. USE A SERVICE LIKE LETSENCRYPT FOR REAL CERTIFICATES. THIS PROGRAM WILL GENERATE A CERTIFICATE AUTHORITY KEY PAIR AND A CERTIFICATE SIGNED BY THAT AUTHORITY. CERTIFICATES ARE ONLY VALID FOR 30 DAYS. AFTER THAT TIME YOU NEED A NEW ISSUER AND CERTIFICATE.

Quickstart Instructions (Basic Usage)

Server Instructions

ONLY DO THIS STEP ON THE SERVER. IT SHOULD NOT BE DONE ON CLIENTS. THIS STRING CONTAINS A BASE64 ENCODED PFX FILE, WHICH IS A COMBINATION OF THE CERTIFICATE AND THE PRIVATE KEY FOR THE CERTIFICATE WHICH IS USED TO SIGN KEY EXCHANGES.

In the NetworkingManager.NetworkConfig ServerBase64PfxCertificate text field. Enter the following:

MIIJaQIBAzCCCS8GCSqGSIb3DQEHAaCCCSAEggkcMIIJGDCCA88GCSqGSIb3DQEHBqCCA8AwggO8AgEAMIIDtQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQI4zB3rYRUh78CAggAgIIDiFGqhOON+6Qw75P9ji7OQwJxShPaRXLMe6EeOH0bcsRRJ6phMVWMAQOtmfG+TRwihp/9kz1RrRNJM2plsO38Dm2DSFMfVdSetmQj7kgD9NcgzWmKNqLcpUnA+iSkfQZVnevcqZloY2xCJ3K9Gtokz1WGKCqpnGuAepZfATrV6nQZ3UI3FKRO5TY6pXC4IRiuzyKZHNI/4nzKToBESfr18Yv6OwCvCp3UjMT1bGe5JJuOiMxLeZUfl9WqnzBxvc3svCrnpODSxPCrnFBOy4uRYy732karcwJzo8PEGWm6MyrNtiJLTVqT4LNq/+ESMyGL35FcPS+EAS/ox/7PdjKHPfFdMtmPB0gfsUWrplVftncpHnyWoROMHSpj6bMUVNKNTZcwuUwWcCiAC77cZR8iALj3D1nFHmDnAXkZD5lt2ofRa0Uipx5nez4b0r67oJa2HuGmTZF0otOaIZQwonTBV507nGriFkwcFsgEXNY3JA72I5y5sIaQorpXwc7T5s4qoGSfEohKOiQ50POXb7Ry21g/jLaUA3+VP1E1YbRFqbPidyUOOyDQSMLWJ9YA7IQwTfc0UHWzZMeRxq7xsNSJL0FtXXuD5OaUYNjj4ALy7oBplWIZ9EyWVNa/8RUs+oAPFN3kuQ+vAf/jsRBnSQhx+yQ3QsS5h1kwOM7AqBxl8mO/oW3oZzeIFrS4orECdWSzXJOTNw5kmQecrYwrJQU2XZI03yQcqi51G+z+hEdlc9ddBt/hDU8ApG9/6VARyGus5Y2m8Lp+fqdaiwU5/gURvJnhYxBj9FqNCN3s2EOiFQSSY3bjplAJNLFo4iHI6z5hp4hl52lUZi3vxWwPFJ0YU9t22tDCJpT6v3OncumzWjM2kMC3pXtJ4+JR7kC3raWc2dGAJMVcwSNWOBv/HvsMhkca9y4q5+92SKZBwyyvDag/PfVp+nyNws3jvbaB5r0B4AusSKOVU1+f0mHRQJLkhsErk1ifB3q+WZTJVgfG5ATO9ZwcBEqNTE6DqE38AKPYjgZxby+YEGycL6Vj7cIHwd194S/wC8cVLygFePO+aKJm9XWMsKQc8xfR9xqARlfRuaqerZBY2Iad9+1IYKi9k7XXFNTSmGGYbOmVggkDsci9OaPrgUBrjlvrZO9m3pQDE4i/MvXJpPW+QoKCcX10VW8e/T/cjSPZurv9HO4kVPVgoyfCsbffHvwwggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQIju19BIKxXLACAggABIIEyAY6p4H/T/GEBlfW2cBPi0YXB8KmpByl2XK/QGVGcE1Mp6reLRK/cr81x45PFH3tWIwNU+6pULtJQyQY/dcy+6mGM3MQLB26Jl93R2mt/dZ375FmRlqZ19vlE3RAOkOvROCsFrWvmBehDCCuddBVzCVMn4NTRqY3ahqszj6BlRAdE18f+dbWn5Xt3/r1HsVRp752tOrAvNYI4ClGOWx07Tnwdw9iDtOd9b/RcmyfzokN3DfYy8QgHpH/m+ZUbSYRJ+lS5opW0qVIydOD63KBhJRAQKkVyzfO+lRgf/FB9YVA4nmYbLCueoPX3DtgckBb98u6XM3mEOYkZeRaVO/jGS1OSxP3Up6ZmzNIlJe7jSQ+Nn/HYx577KN1ohwidZae/fdbcxqQ8wEii8jzOg06UsZJ638z9KgOOE22doyKvDQTsBAc093FrSOC6CulcV1czsCNYepVAsdzxb9a9+lezCrQiYd9FlBANWHcYeid6k4xaQ/DbT1RemdFdh9XgvY6H8mHnXj33aIAgzBbUJtfJu2oOZZreKgOEoO02Y2waxV4mB2ePL8uX/RvNmdfmfSpXJ7BRMXVu91wC4SXFnybgGmJgsxrGx8BCV6Gcd5a+3Q2Q5fx6+qtVZ/4PfvkTggw8G962xD7AD/BY8X9EIeQd+lwpd+V08kfpkeKvGggdii0mpVaQbSF1gUzHzS2NyD440CTkFKbImb+JvieZD0XWGVCrmGxxGoIso6HzPgru/NzKn3m6edYOSZIFxTEcYm4qA3GigrDOaqnqiy0/glgG1p8N9n31oQ5So599xCD14tlk+RSUZdvJWcSnb5UGTnbrLri2kVnQOm56ODsNEoRakXFFVc/fxrFddDkBI+gsBnbVUkFJYKDN04+HqD7QyOy+Umq9GcGlVk1Aa5AFxuS8VGwOBZBrKswxXpLgvbm3b01lB530FqeOgmj/w5gkOgM8LioZCrd5ZbBllU5cnt3Vk1h98BMJAo6Pu/UTMB3Vv9xCbyw8hYy0gjmZzTQ8OXECQF45wshkGBrTQhhPTnUEfkN/sM26JUfLQoSLYbFkigqj8JMyQfex9GIPgS6yCsNATUvu/acC/JUamdS+CdHG/edEj2s4csR6B66mnlZB+/6gJDoPGX8k/xihAOkAtYImZtLcSjG/QZFvecdmUxh3YO+qlMWWXeO+0X3LRJycvKrxEywF4HEpFkXXlaJ3iNACgWwvjoUSidwzOZmy3tP9JcAc7u3z8r8xCG9bdHr1Slm7MtSDCSvZfySlVk/yD62s2hDQkZRJ1n1ezyJpWuwYzzMGkPi7rTby3jtV4QzPq+Hbtv/taINAN4rlJTLwto3wHGcT01PK9LLLmlZqv940n8qeGp3/+O7aPbigZQe+GszxNb3gs6YjlMwmzgEz1Cvhhd5sY6pqGUknbaGQLDVRmy5wvY7tiaHXqD+xDsoU/rnC8TwM0aaC/PWrlKG7U9BOVzrQGFw2mLtFtCrpVMjdqGitUYO1/5amhKmVPLokiT3j92mntd57keDIHT6dkik7YCLKwSV1E6liHxbsL6CovTeSIL4M4BHvj5q9kPfcaVhnZVfgmAEhFOtkfeKAHfMjovSjmfIjzw6stG154/YKodD3NKz+4r2vjElMCMGCSqGSIb3DQEJFTEWBBS5NviPZ7EazKc32h8sLxx1FA5WRTAxMCEwCQYFKw4DAhoFAAQUM6yIXKnvFhGB9RjcEZL04fRvcCUECHDQza1L3ZwIAgIIAA==

Client instructions

To make clients trust your certificate issuer. Please do the following before connecting:

CryptographyHelper.OnValidateCertificateCallback = (certificate, hostname) =>
{
  X509Certificate2 issuerCertificate = new X509Certificate2(Convert.FromBase64String("MIIC5zCCAc+gAwIBAgIJAOusRqmBaykXMA0GCSqGSIb3DQEBCwUAMBkxFzAVBgNVBAMTDlVubmFtZWQgSXNzdWVyMB4XDTIwMDcwNDE0NTUxM1oXDTIwMDgwMzE0NTUxM1owGTEXMBUGA1UEAxMOVW5uYW1lZCBJc3N1ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpn3rXaS4FtGSoj5VwIgp/d1lhgWr/tAoGUZTRIvMiJ4wuP0LYWi3/0JOI2vz8BqxJS0G3fnrQNCY6jeSBINWKJehqlVONx163UEs5kIuENQWKjtC4k69HSPm9OtHzGDsTVALxYGljqRkUQoRi3Hm61lojuvzMZSxtOfDL92SpL4KUw2AijJvKUpL5DBMN3dpSdkWLijzjwUjqVxERaTxxgWCgSzPSQz5wMf0svc2Ne+gz8pSkmS4zeVYbSBtNANx1xcTp5hwJZrclYosFn1CSvRxXZlSo+aRaSEO12c5gISotCPEqRNKC2CQJhb4iKVfUPRqcbZ5hojgN2P9oyi5FAgMBAAGjMjAwMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFGn/pK4JfQH5Hs/Tdwloott3xlwBMA0GCSqGSIb3DQEBCwUAA4IBAQB/+RmszQgZUwgKmcvr5gJQm5w0+UGLRZcJbAzzhW6LgeYShrbJnwJeKqCqum2R5Tc6Pja/wRFNlsTYEUqm9s371fLroF+UoDfQjaopyM7YBnzvVc/2YE8aBKPRRrpP6twILcxgMmd2YanzVkO8Frp3HtEetw0QGgfn3C9xhyYoJrMtQn4Je+UtO5T6jdws6B+DmnGYqqUzPF/qW916uMJ04s3NnbCYI4IcxN+PnOjE9yVxVJUquz03Sgdkb4FtaeHqpiTJ3Ynd34qjExoY3bydiXHwpX+JpKGJ76p7QrkMZTE5/tgq1tLNi8QNrD6WVhn9/UATjhqPT/nTsbmput5V"));
  X509Chain verify = new X509Chain();
  verify.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
  verify.ChainPolicy.ExtraStore.Add(issuerCertificate);
  verify.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;

  // Check if the chain accepts it. This can mean that it's from a CA we trust OR our own CA.
  bool isAcceptedByChain = verify.Build(new X509Certificate2(certificate));

  if (isAcceptedByChain)
  {
    // Validate with the last added CA, that's our CA
    return verify.ChainElements[verify.ChainElements.Count - 1].Certificate.Thumbprint == issuerCertificate.Thumbprint;
  }

  return false;
}

Details (Advanced Users Only)

Property Value
Issuer Name CN=Unnamed Issuer
Issuer Key Type RSA
Issuer Key Size 2048
Issuer Validity Start 04/07/2020 15:55:13 (UTC)
Issuer Validity End 03/08/2020 15:55:13 (UTC)
Issuer Serial Number 00EBAC46A9816B2917
Issuer Thumbprint 2D8193043333095F2D05E165C5566FFFC8CAE43F
Certificate Name CN=Unnamed MLAPI Development Certificate
Certificate Serial Number 6DC138CB0143D8DED8C60D4C52EF0A97
Certificate Thumbprint B936F88F67B11ACCA737DA1F2C2F1C75140E5645
Certificate Key Type RSA
Certificate Key Size 2048
Certificate Validity Start 04/07/2020 15:55:13 (UTC)
Certificate Validity End 03/08/2020 15:55:13 (UTC)

Keys

These are the keys that were used

Issuer Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>ehsuSSeUU9L6q0VBpIk82WnHVCPgLNckaEwOP0dTk4C4rwonSqwQdRlnO5u5howfNlwQoNFSA9OmuXwvxK0oS9ziJOf+UA/3pSsOHBBr/u5UYNxScK0P/tcPwSM4xDDrRgyyWaS3+WBfh3Ai8TAaCWAJX7NaDKHAi5isOYiMVCWNAbUgqFZOJxanXEc4+3G3SWPUAk7sw4EIE7hyvm5MyrENE4sq25Ob2KODX/Xlqmb3lBi8dgfJQ73rMKigGiwOYSMOBGhWDYrWaTFR3ypLpIIKZuoCvNMf9gMbmDByWt36cf+5aexErWX0SbmY3BWvWr06wSxdXs6PUBBrPfKIeQ==</D>
  <DP>VqxWDWDfPsqeFDNvcR0uqqMJbSPcTBeAzErbu7iYAnLdCaSQVLtXU5Ju1JT4KYTNPkntifXZX6+kCtXD8E5FSGKEKp2/niRe2xlNDNlRgkwJRxhSVvB1mjIpP+mywU9X4zCqeTvw9+SG3vuFoLfoaAhtchfebCfNfkpGB7z7vfE=</DP>
  <DQ>wLbWekMkY2oCMhPaj3pL/lKEgwxp/XojQPBhN6uf/5jooFtrNl8gDbBrNkbRfUzsSEmGMJd1EPgZzLu4unrsdqeWcXM+beFZR7L4xP8kFnokAIdH9hotm2k1p1zwBNojM59dHpzDlJYWEkS0Pfv/MRoLo/lNFdZVthSDgbS1s10=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>tlMvVW5a0Vf0WJfSYAT/3LpMPTcA1OhwuYpP0BU0CVQffMhOpNrTeZUkHrhEKnmUGNYWkztu9cUl1G8c1C0o39FhiAm5NslCSrO5f9/AD11jc5MaSxH6ElUsVvw6azyqeF4DcXRKKCsUCzBjfz2WrUKGDWiyQ2UurzIMvTB3pO0=</InverseQ>
  <Modulus>qZ9612kuBbRkqI+VcCIKf3dZYYFq/7QKBlGU0SLzIieMLj9C2Fot/9CTiNr8/AasSUtBt3560DQmOo3kgSDViiXoapVTjcdet1BLOZCLhDUFio7QuJOvR0j5vTrR8xg7E1QC8WBpY6kZFEKEYtx5utZaI7r8zGUsbTnwy/dkqS+ClMNgIoybylKS+QwTDd3aUnZFi4o848FI6lcREWk8cYFgoEsz0kM+cDH9LL3NjXvoM/KUpJkuM3lWG0gbTQDcdcXE6eYcCWa3JWKLBZ9Qkr0cV2ZUqPmkWkhDtdnOYCEqLQjxKkTSgtgkCYW+IilX1D0anG2eYaI4Ddj/aMouRQ==</Modulus>
  <P>2580mEJSgXu7kuZ1tirqTUzE2gtWY33zNbj5BI5ooaRM7oQtOf+k7aWYp+gN69t78+BxlmchO45UWtdd5HdOOEwj67981OJvU56G1L/sosbdbYbIzUVo3XlDkGFsCTS/fZcjVakoV6GZ41v6Qvb79gf4+kWvv3KshZSC/UInEP8=</P>
  <Q>xbghu5JxFv1KDbLEb49iGfrE9SzRTXPAZy/ul0y+tmIfusOinPbtrB0t4drKyXtSSBzZUZgYuIhNiwwRoFw8UDN6gG10x3OJcTNnY5LN3vQ0E/SGKlAvBiSaHr2v5wh00lz/Cb8BP258OOM2DswS31OgWo92Mqd8R1AWRny7PLs=</Q>
</RSAParameters>

Certificate Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>0t3QkI/4WEMaQsSUclLTffXy4winSprENZML6AE5ihZifTRBdQFtGv5ddR/PoIzW3G11mQCNpgL7OP4OkOnE84u2seGVeLU1XlN4YBZrhE/Qn6JxmwVyvs2feR7jxrzCH5U95Rgk66DiyO1jUkytp8a53s+NfADhDbPkA/g3w0JWBkOjiqyNOm6FFd/GX096EYB2BeXl4kiq1Og4SQ/hUWPZ+KAOIlIh4kEhZUJKxO/XDpqE/jYS3pYaKGOqPvedLFm2T8NwyHWPWjXdot+kJxJbSB0FLVsJSWSX2WB1sWMeWEHUDIu0UL0hENIU2myvh2+AtF9qfOZthsoK6Y2noQ==</D>
  <DP>jqYN+7UAywx9n4tkMT67W5ULYwoZAHgRlk9hvgRhQ8dX6bhDfMOrFES7rEBkzBHn3krSncQA29you2FHHJA5oLvioeRx8Q1iUxv9Wtn/dKKbK8NM4oTXIweVwLSWBw4vVhikiU0c6sWGvyPmdeeq0yJZhwFld4qbDEzvbBtzj60=</DP>
  <DQ>LshO3qGbhwWm0/5jTXM8WUD8MzugYh1sslij7VyFdmpnFgLrlZyDxaO1Da+IFu9qNgmxsNh4jbrMekPsbIpRor0e1xJwfGsCVlf5Hw8gHGUzEZo0mRoapK6+03f3RcqfJmO1MIWKccG5MlDd0ZFtUMGvgWwSQQnWjAlGBdfG4qk=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>gUDOXJwqMxEg/2e+VleZYbi7Jc8Ft/IoXXW0mHz+5gRX801/ewOChmcF5mk6xP35ClPuivN2rnsWWqRro7EMuWDX+5wvrB8v+DII19Z8b9WQh+yDet/qFx5RjjPA09z/eA1ItPfuqkCho4AvUa6P/Yqg5rCf+MQtP/CJ62Uurlw=</InverseQ>
  <Modulus>05H6K29aS8WtFZYjevqEKtG8oeDB15HJZA0QjhWR0+yQGbyPfuVympB87WJ9PITD812cYAOJpj6MQNxCQyM+vX9LJEoKHN0liFlqftRNkHrNBz40+F2VF6FmFkc/SkZ+nasDcEAwbNIMdmCED6E/o2XjAvbvnKopS5YD4SYVA0u1243em79jvRNfgfg2I/C6Epx96WVOCHgw7y492reZOTnF/8xdM2gI0eo3XTeyK3nqrdYSl+TVsx4kOoUIDtF7mGsz+T5o+A1f18YaoQ6NR7tTgjchQ251l/5VYXnohxEhHY7iwIbj53rX7NKOrc1fe7ck0cy4BzpTb6FwJi/ffQ==</Modulus>
  <P>/BqRmwX9HV6Bd5vl/gSoNhIJ2Emzip8VRafJzcyQgPXXybZuec/o2/g9eZczBsbxVOHqCY8CSLsylOvBcKOEGpMpus6zkZFqoH5A0LM6op4g8htM9xJsQjyMavbRDBpqTQ5UOLPO7fprL/Lk/9QLQhSzeJMoJmIy0MYEIqzReMU=</P>
  <Q>1tcKS6xNSk3sC8oZpix72yR1iWxuY4TrtRznXtlJHbi9S1Li7md1RD8et7yC7GJlKcbqNuUHFtwlC0peCrRkeXUBUB5FsDyJuFLLXnyDlouWbbLePswZc2xSV2kUNloIO+TelbEWiTt7r76QFvKdpYlJsXUvrrRYk/QN1SjJh1k=</Q>
</RSAParameters>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment