Skip to content

Instantly share code, notes, and snippets.

@MidLevel-Bot

MidLevel-Bot/quickstart.md Secret

Created September 22, 2020 07:31
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save MidLevel-Bot/63cd5787ff5672f25243dd7d3e01c424 to your computer and use it in GitHub Desktop.
Save MidLevel-Bot/63cd5787ff5672f25243dd7d3e01c424 to your computer and use it in GitHub Desktop.
Download ZIP
http://cert.midlevel.io/ Generated on 22/09/2020 07:31:49 by ::ffff:18.207.106.142
Raw
quickstart.md

ONLY USE SELF SIGNED CERTIFICATES INTERNALLY OR FOR TESTING. USE A SERVICE LIKE LETSENCRYPT FOR REAL CERTIFICATES. THIS PROGRAM WILL GENERATE A CERTIFICATE AUTHORITY KEY PAIR AND A CERTIFICATE SIGNED BY THAT AUTHORITY. CERTIFICATES ARE ONLY VALID FOR 30 DAYS. AFTER THAT TIME YOU NEED A NEW ISSUER AND CERTIFICATE.

Quickstart Instructions (Basic Usage)

Server Instructions

ONLY DO THIS STEP ON THE SERVER. IT SHOULD NOT BE DONE ON CLIENTS. THIS STRING CONTAINS A BASE64 ENCODED PFX FILE, WHICH IS A COMBINATION OF THE CERTIFICATE AND THE PRIVATE KEY FOR THE CERTIFICATE WHICH IS USED TO SIGN KEY EXCHANGES.

In the NetworkingManager.NetworkConfig ServerBase64PfxCertificate text field. Enter the following:

MIIJaQIBAzCCCS8GCSqGSIb3DQEHAaCCCSAEggkcMIIJGDCCA88GCSqGSIb3DQEHBqCCA8AwggO8AgEAMIIDtQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQI6l0UZWqP3R0CAggAgIIDiNYbM+QRQ5D1FeXo2xaML1Vq8PCAiR5YleLFcIu24ckbYBX6rR5JR81xBQc4QOqWF6G1uCSRK2vk7Nrxqlj7XXoVTgB5WTaooeUCQiyM6Dt8qZ+ilqqceQQMFUDRGH4xk3acuPprbniktfiy8CSt+XgfLLvhkjsQDZlwii+WuQgX4uxAyBihhygc4azyweMkLEPvJrJXKqXq2aMAaKsgR57ekqWGUv6QJtnjqvmwMs3hc73FWAxKp8KnTg/pludCMUgaW/UcrY32xBTqg41eoW9SOBNxm2wW3+SFsNHMP5TGAFFsvuay/TuloYtLppBQXTc9xbLvLg6jyZY6uFlR1g8rz7TtVkY5v6y93ddeJ/T3u0oaZFoO4XyDagQRjodYkSbkjpy3ZQwfqT4rMpwdYasBTS2qAHZdKqfcKDGrA9HuWL2GkU31wFNSZQICvIOeLeBMQg1Ddf0u5f659qeEPiKV0YfJdQFNlt3BAlYJT4y1j0T0bHSMCkidogogqfEsjD3vOJLA0gnTHCxtqSpCm2dalXnFwjkfCGu4LTr1shFQFAQ6qBgRCYlK2iafMs4ifTmKHJkHH+tUV0IsBbjnOFq53qztaxMZUZ2BNelB1VqOSgrLovT005ebErnP2MjjbdGjwdpjaugcAYR6Qom28reWVmhUIn3SEJ54eIdmpSvbOHA0GZJSR9bjNLS6+7Tav5cqCSetMuXfKZNghUteyGwbD58DAucQnXo7Z0t8E70Shd8qgdXo9g7a7igTZ3s1MX5qb3mPK5VzK+qupJNNrQB3n2NEzeq1qGkJPEShf2qbf9kl++VZfS8rS93JF/crPd/BGwRh7bzI+dykY3TdRY8DUCU/tdtXp0DvvlVK7z1BnE8Kq41CzqWX9xzPCEGZ1kLY4AKWKAwaYtG6xdGQTXwsBMpSGt4cz4wzHcBvcf6mN90KpYl2ITy1piIRSmFJonHd3uYhBXy4/KgDJWwVc3uTOPx9AwDWU0zuB2FuBOo2Ma04PRjh+VscakvD8anyv2fY9xXPYL20AGwAY06GuGeVYeMJyQdv2eUHfp+OYcvA/j6GXGYhcHexqAD4WkiK6/j+lSRsASl3HKiQDN30s6wEcIwdXybiKr1M8g4f4Xq90w4M2noZfV83ruDiSjyvt7iAoRhsJwI0ihwVhOZ5Nj1/LwqfK/fVQt9ncJNKVpUPw0UoYmLCZ5MwggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQIPdJAwVOsH1QCAggABIIEyJaEb9s8KqispizykzggTNwa6uTWCYvnXhBf9klbU5mUOIRi2iCPtAJKqorV8x/TIy6MOuurfi+gLGGx0o3pZpEB/0bvWZkFu32CbemjhukciXrc4iDu7CnV9RNGYBXJfMhAJP+oC/talfxI2eCK6fjr6q7gGoD84B+udn8EUyjNdw59GKMS1Hi0QSh9d7kykermi/WOxQN9WV1O0OvOP4am3V+MwHqWt7IV5kQ7uvBjvbn3f8T8GgJj729lcM63J3yGoql6UUJ0HkjiKktkkAKFzo6DvFgNiRSdD4pbLhNJk13KdEQfwn5z6fHB8aRWAt0grg0itIXAoElvRHg6hU2VvS3z8G4esjbD9a+1NNfXo8FVrYAtssmrAKAuymtR73cc7Mr8AffejMwD+ik7o1FbTsmieTpaaxQAQg2J2+28T64o7KNQUIdmGbLt1ygTw/UqZL4Z68c++MJv1fSV5tOiuu3PAs/1XTlIiI5EAq5VOU0K43TPa3kY1CPX+kGIu3R3mrb9+HSXXhfj4LfOlhl1/1bKx/zalpWrVT28NA9fRVGfk/kRmknQoo5fUZMbjvP16wYo9iBiJkZ405sVRKtcVyhRTZ+g1Yc58Ems0/leo2vJ4eqEsMX7uOUd66MDEWi87VoR8GZfgnRIIDXHke8nyoUbDnMSapyAwIjtzn6H+kanAr0ZF+eq/tyFHdu77/TPbEukCLBq2zDFJvOX/vanyPRKcfIR05p9tEVnLxmVM2+zo3l89T0P0mGwgExT7ztXj4QEUpuLDgxDaNgnHsnsvShWoGDvz7m4glFiCAJGsuzG+SvGm23/fBGxYKZk664mWNh4T6Ax85jxaxE1MaYcdXI8ZD6KrKsxlaPJSBrBv+wh2gIk5+SygKTITYjyQhwNawdupVWy21KGBOFCyxtGjr6mJWQ3LDX6GH5oBcS1Y4WDHWuUDOvTsdgwUGZj9QK9qCUi9S/T8SEiVDQd3xzgNP91E6BhGV2kQ0BcU5DjDDs38uv7ky+Srz4HPo13YTwaqdiQzsYvPWXOuRAfReaT6lKCdXBmgTCKGiUvYgD2/Ue9PhC5Fogf+DnWcP/JtZgN6qyrNeknGGf4Zkol6FZGfs4b98gGQzvl7RNo18YxmgsofYN8ed9phvqsFUPNh0EPRpL0qnq7/bI7/UQAalMTLjTGJuhroQatgh95dZ+aDT9HnnfmS6TizCUINAbSb5JMRaImYDOlr7bcarjBjSnc928kHxNtK9AlB9/Z4s1gacNvKUz9j3iivSPd7+GzGR8Sj33iMbBGvZiGKc9EX88taTdkMDQW5EzKcJoBSZW7nADK6iIQ3lyV+26txP11TGsXY2GIy1Pq5Lsa66tcUVl0mZry+5w9rHl4cAnR3Mxwc/Q8ULV3gF8XqqJX0d3pa8AWJPFEP1SGssNHFYJsEzoa/KRt8YIbo7PyzZBTd+MRN5taoWjO6izh3uariZ7BpgysbukNFg3aNeK18CgtwNm8AO82XwhNUYoBhoOukb8nv4zhuRSzE4vvEwdeZCIZiyZM/hXXClmRhuDlO9lED9HK+KFmTx+HnICzpn+t8nHDmSxN2s3zWOngZsPrENmrsT1HAVUgLOvOvZDB6AtNgQR1wsIIGnQkHzElMCMGCSqGSIb3DQEJFTEWBBQl2RdEUhAmvcLxbia5DHpxuuDKPDAxMCEwCQYFKw4DAhoFAAQUWI8S405QwFHbte1twLJZsXANqW4ECK8HZS76V8/SAgIIAA==

Client instructions

To make clients trust your certificate issuer. Please do the following before connecting:

CryptographyHelper.OnValidateCertificateCallback = (certificate, hostname) =>
{
  X509Certificate2 issuerCertificate = new X509Certificate2(Convert.FromBase64String("MIIC5zCCAc+gAwIBAgIJAKNq80+U3mjTMA0GCSqGSIb3DQEBCwUAMBkxFzAVBgNVBAMTDlVubmFtZWQgSXNzdWVyMB4XDTIwMDkyMjA3MzE0OVoXDTIwMTAyMjA3MzE0OVowGTEXMBUGA1UEAxMOVW5uYW1lZCBJc3N1ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeRZoEkFAzLpJhlch1FQ/EI8/6eJSdWkQDu6qlvkEoAC/5Mg7+bgGSbmlNgFNnoD8yzLT/dP5S06FMVRuT3DiaGBNXwidQdxyzCOtUmZxn1tBdXtIyHkFPNQb2ITPmbVKoLxB+eXmSUXsWwVL1CZlTGpDFarwo6NO04V9/+2ajCp8qQqIA+3kYhJ9pZmJ7FB3T+2F4nNMeEuwwf47Lr5PRiCCvOwLebgRc3mWsoR5wDw//ro+7e17YUSHbD9T9kTdQaPDrg4EdNpigFYbrofV2STUBV1WIS8gKpmecAMU8nhjuSEUJkTzo+aRzFipJt0w/NfmBhGbUW08dBMo94OFdAgMBAAGjMjAwMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFB7I7Mao+9G3dbyjztLiYlB5HFqjMA0GCSqGSIb3DQEBCwUAA4IBAQAXjugDC5E93LQk9dOMkdbIpF4ILwpND/HX6CgG08mWzZQ6ipTA4fLJc/N2O6LJRXFLpNHE325PG960rtlIEmj8fM63pSNRtZoVH/L5lY+SbQ13LL+3s2tWqOeNe02MyConyGPa6m0Y+xGwj6YxvuRt5EyfXRHVmknLy446nHydswNT8ufUTrlzRIx9lTY/5W4gCBVH3ixtoK/ogn3j0Lp9zjTCXztC9ZT4+pNtaZDVBbPpcP+PY8S1PcX9x4FgxWADvxMFPBJhxRIUEJxGiF5u4eYDbU1rjUPLpeb/0rWRGkyVLUNqD4Bsj/K2nrkLFBPea6a9CLfmHn1fAmfB/O8L"));
  X509Chain verify = new X509Chain();
  verify.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
  verify.ChainPolicy.ExtraStore.Add(issuerCertificate);
  verify.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;

  // Check if the chain accepts it. This can mean that it's from a CA we trust OR our own CA.
  bool isAcceptedByChain = verify.Build(new X509Certificate2(certificate));

  if (isAcceptedByChain)
  {
    // Validate with the last added CA, that's our CA
    return verify.ChainElements[verify.ChainElements.Count - 1].Certificate.Thumbprint == issuerCertificate.Thumbprint;
  }

  return false;
}

Details (Advanced Users Only)

Property Value
Issuer Name CN=Unnamed Issuer
Issuer Key Type RSA
Issuer Key Size 2048
Issuer Validity Start 22/09/2020 08:31:49 (UTC)
Issuer Validity End 22/10/2020 08:31:49 (UTC)
Issuer Serial Number 00A36AF34F94DE68D3
Issuer Thumbprint EDED9F1B66607EA28F0F9A1E63B907F036E319B3
Certificate Name CN=Unnamed MLAPI Development Certificate
Certificate Serial Number 7662354B8D090FC78FCE6D5057F1D366
Certificate Thumbprint 25D91744521026BDC2F16E26B90C7A71BAE0CA3C
Certificate Key Type RSA
Certificate Key Size 2048
Certificate Validity Start 22/09/2020 08:31:49 (UTC)
Certificate Validity End 22/10/2020 08:31:49 (UTC)

Keys

These are the keys that were used

Issuer Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>eWAhHEzb5FRb19B5OSjcvWtFbO0Z844syLwbwx2jdByora9xBjewpu5bfR7jV33x2XBZgerjuvsnIJXIH11sXugFtXBkm/WsobQ+XNOsuYloo6I7CkpfhXHCE/EkjxrZn7bwLD3WOJqaDbpWdypUVgHyciNHhwv+hyGrDkfqzy76YsHd+sHEZtI9gh4rL8faOZjJdUPG5C3c4HWWYVl/qE6UD86uaFfCMegQ0mV+bWdpCoEmlZMdZKjuE5KuLUpHdRA2iW/5jcCi9g8b4tlqOaPmPhB44p5Y//spvq9ZjRj/yNJ4AnWo0t7Qm45+jIlWfk84Pn5NUYmSeS00TH/FAQ==</D>
  <DP>RZPoQFJeGls3+UFkBDwsU6a4mPz9GcWCL6PB9eo+9twm2tcPdfrd1W4AcXP17cobfke/09P/VdiSW4z8gQz9H4YmB1mt1PYbPrhozBgtAY83LOvzO6lapKD9w89z8wNrIao+qtG/d6cg6jDQxhXJBmPQZecC8FD1skmtmq2qnC0=</DP>
  <DQ>ODrqm87I3paBjTFfVsjJNisIs/50GevLem/ZusdlB9IKhbbCKeb4qYI5Xgc6FXfx5Qz7jvn7KmZcDFVeYYHwL0breen+eyHxnXYJ/hqkvJfDL43Q4qNduxpmyWMrrmCLAeEzWPPy6eNu89pSP5wtfrYAiZr92qCdSUQikSsLZ4E=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>YW4ga3No4wvbZFICVn1drPZyhGMhGItEjF93SHRxztlO1HP8LtlkM57uPPpvXqKsm8XDfMPJ7UhKYgwyjv8rHkXwL8yxyiLBO255SIqzecsL8cjwrVNWe84BdovF70VEHbU/AHvmnt+vpVXSOewX5+FAT0rYiU6JA+AOLSrgToc=</InverseQ>
  <Modulus>nkWaBJBQMy6SYZXIdRUPxCPP+niUnVpEA7uqpb5BKAAv+TIO/m4Bkm5pTYBTZ6A/Msy0/3T+UtOhTFUbk9w4mhgTV8InUHccswjrVJmcZ9bQXV7SMh5BTzUG9iEz5m1SqC8Qfnl5klF7FsFS9QmZUxqQxWq8KOjTtOFff/tmowqfKkKiAPt5GISfaWZiexQd0/theJzTHhLsMH+Oy6+T0YggrzsC3m4EXN5lrKEecA8P/66Pu3te2FEh2w/U/ZE3UGjw64OBHTaYoBWG66H1dkk1AVdViEvICqZnnADFPJ4Y7khFCZE86PmkcxYqSbdMPzX5gYRm1FtPHQTKPeDhXQ==</Modulus>
  <P>yZQ3OqmfbftAKTWCbFmuflqbJtLbmiHKtdbwDP6BOqVE3+pjWgegIF1RX7BplYIaPKw42fY8P98jUkzu2vQ4lyP4rwBjB8BbIhgN5yLs1mPkNQs3gU1sJ9TXe7JFztrTWCm9lOyMqZohq+O9ws3vaVA8C1sCRGAr2xmKgwTemh0=</P>
  <Q>yQBKfUvw4hUO77Q3Lzmcn6+Ofn6B3MFv0emMs4aS79+jZKLdPbR3pI3LOQ/Hp47Ve3JBPDPcbWFpvQ14biVG+kM6oPzLQ1YNHfXFd/PAinchXMHQedFeSRzfzE7SpDWjQ0b6TiC6SzXTXSbf8JAPHtn7W9fHVRHmRztXSan+wEE=</Q>
</RSAParameters>

Certificate Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>2kerpHqkdw8fAYwLL/JlSblJ2JqNQUxkDirDhcl1yCJ9TL3nz45C8ZISNhtOdnv/d9g7ZqYBfdmzv6Tn0iXbDHQrFNozlahMP0klLbZ+mGtbgNVmsj+Otv1jE9qPkuBZ1KRG/Nff0q7l5TtVRnfbOqcMmprlTM0kNv2YiZKAVZRn6bxndcLfskOiG/JlnhLpKkRtYviafZDE04FvIOVTcpcv9F8p8m5xomNm84SXSnn/8j6juWJH83QF9Y1hsMG1+NW8xESxvVLUdvpt35uDkTPm1ALF3HcmrlgYs9yho+FXNQnlqv33ZpIRLQC5Wgm3FXANVrxBWrQL8eLNEJ2qEQ==</D>
  <DP>gqEoGVUQs1sbgcVi7Z7ujGjhSfIGi0fs8B7RIze1/ilzrCbTgOzzgGvXUELc9iU88Dp/P9/QqYdSyk6GGPd+MWa8ctMs6D0Aeakp3VA8WeuRoX4hYYaCqGmSre/djBN6fuJdLNKKtA0iF0Z0WFNU6TAMvcvs68sG8IUEFlFrUQE=</DP>
  <DQ>A7ImdUE+BDqngghzTgDaUyLsRDisg5Q1juqr5w4rDjZp40yrUuEa7qbLnJdcLb/RXXH2s6sHpeG9YBNcKFoo09OxZC3/Iku0nbzIVHu83bjPkSrCP839cjK6Pd6LRofpit6gOIv5qwU/2QAx/aexA3omRMFeyElUIXE41mcXqlE=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>d9v17h2hO0+bWRDQbHTp58w8GUK5O0uSGgULwflTB+uIUWV76NF9IWMHsXDnFt8/EzIc3nFu+Epgvf0t33TYcc6moIS32X5EaC2JQGLqHXhqfoCLUqoK0P07JE1ZhGDF/KhQNvlw5tTv5fNxe/P9gPKHO842UrrKwvCl1rHVMXw=</InverseQ>
  <Modulus>3LRkkp4S6M90uYALW+SsfJBtNJslmnZ4FdQgd71IL1U1wTTX+AewF2a9VfHm+YE338UuCzLb+7Mdqagmu9c+u3/TjCv37S8JAeGtTJXE8xCfnHlgbXm514Bbkm3mFqmS+MbSCQY1GbHjMTh4GyFUTkopjFis9XfcqOAc+IkS5CVZaw4p5wTG6RetmzbegR7jaCWbWBEuiR7KWeZQQX6sIVOriM1aCYLBsTtOxVh9X4dwZyY113AJ2y74BQYUr/8ty9GrV3reh8vlY2g4sz8PgT9ejYSry/6e72f9RXcmCcIluZ8EO8wvZQNyXpcUkpbq+QQl2NIiKWPQQ3Sy4j6+aw==</Modulus>
  <P>/GPTCaOT3glKHq2uRZGZ7VbOJk3j9u6NdulOv1ed3ui1S40J9dwrVMPNQOwN9GyU7ovzZibELRoOI/6svFvyyLtGOwvU+gl8ELylPcgp25eDes5FT4QjIamAqRNoTSuFc6jJDOsqji/8aR8AO3ghTVIJhft+AWNm2XLfXGs+FhM=</P>
  <Q>39yL7QBNAZQMdzxpoWXQrXxPS3YAD1A9TxQRcZWOhcoUR5Wtjoi1poBMg05CgpoNjGGDdjxoUbfl7jFEi6safvCsNr8Cb2ZtLUjjbzeu9JEafmvAQGlYiFJwwyS1BBENbz3GEvltEjLWavPudM3/zaSc17FW/LbAxh3grh7GIUk=</Q>
</RSAParameters>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment