Skip to content

Instantly share code, notes, and snippets.

@MidLevel-Bot

MidLevel-Bot/quickstart.md Secret

Created November 20, 2019 10:03
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save MidLevel-Bot/9674f7442c00142ecfff95e58664e9d1 to your computer and use it in GitHub Desktop.
Save MidLevel-Bot/9674f7442c00142ecfff95e58664e9d1 to your computer and use it in GitHub Desktop.
Download ZIP
http://cert.midlevel.io/ Generated on 20/11/2019 10:03:15 by ::ffff:18.204.56.104
Raw
quickstart.md

ONLY USE SELF SIGNED CERTIFICATES INTERNALLY OR FOR TESTING. USE A SERVICE LIKE LETSENCRYPT FOR REAL CERTIFICATES. THIS PROGRAM WILL GENERATE A CERTIFICATE AUTHORITY KEY PAIR AND A CERTIFICATE SIGNED BY THAT AUTHORITY. CERTIFICATES ARE ONLY VALID FOR 30 DAYS. AFTER THAT TIME YOU NEED A NEW ISSUER AND CERTIFICATE.

Quickstart Instructions (Basic Usage)

Server Instructions

ONLY DO THIS STEP ON THE SERVER. IT SHOULD NOT BE DONE ON CLIENTS. THIS STRING CONTAINS A BASE64 ENCODED PFX FILE, WHICH IS A COMBINATION OF THE CERTIFICATE AND THE PRIVATE KEY FOR THE CERTIFICATE WHICH IS USED TO SIGN KEY EXCHANGES.

In the NetworkingManager.NetworkConfig ServerBase64PfxCertificate text field. Enter the following:

MIID/AIBAzCCA8IGCSqGSIb3DQEHAaCCA7MEggOvMIIDqzCCA6cGCSqGSIb3DQEHBqCCA5gwggOUAgEAMIIDjQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIT6h5LcONnyECAggAgIIDYJw9e9ild0WMpoCm2fsV3l5S8jDONsRUCpCKAnKSOPtm9fZq6JyufVjg0ebnZyOmZjvuTUJL0kfxscpMEybZBNRquld6qjzQRSBXwq0vHAlwQLNz146ILA4AV+/MwKZMOtPnbfZ8VDz2nR7lrqtGdeXP94i8WUd3xhdgNxjtIOqKzEsTtwpVxEapBtAKpedY++9TDqjoH5q9gf/lKQC6bI/xZeeSgRWQA28bMFYIGLFQd0yFD/aB54U0OkRRwnlrGbnOjL2nmaie/v2f3tW4e5bMYzuEtuGuUX5m/JoFsbTaXCKqmJCwYlWc03OlgzkgukZQlU1sDpA+bq29yH3cG5IdImbXorueXnuzRsBkdaauddKhDl7AAxDsm4hBVZRj9aPgcCkVT9K+43q4kqTuhFT51G46V6Gx0c1zRtowcz0A6QgDVQldm3yWLHe1DMzwPAkEelzo4YGmgzwAvQx7FggOTSast/drK3UFkI2JmACZNST6wPxaGJhBwaXqU7PUh3Fe2g3bYFujkg2VMb3EUjDJpImXYPo79SN1a8EFPQcS91kFNYbzoa0vqzVR2+nrgIG2PFup8ew5p7dh5gWEh5GZuF08ewk6xoK0/AjJJKnRpOggb2Vrf1c7atWGL4kTxk+eBOTaSLQGEqp+U6uDceYDqAcQp4ZjQKdPb1TwzJS2fUfd6Ns6xIuphuUSicUhUGikGEKui4mNOenb1VFl8EFg6uI+EXxjCWK1xI/Kt5vAzg3D0xh1eUEbwyofoIG88RwLRroeejh8fYGRcNOLdDCcSKKKwu2EtvV+Q2zbEzTwwkmVRMtxcCviEooota27hGTbkYXhC0PuoXDq9OMshDH7gYq/N3GJGvq6gBeQwesV+ZTpTCT+senGyhNCGopqZJvp/i5bLKT0oWdNvbEE3/N5me39CMC1WRNhBNgoOvkDHX0kbc0zqdCnPbqESqvfFhYnZ+AWiLOvQN+xKmoo3CBPyhce0cAC5YBT4dcYHSNW14sgMtD6i1qHOn9xbq+/8kTvQ5Li9C9BzEKjk0ABByagsBx+N9NMeVEN7JQLGlML/BwfOlnmCyxHe2AhgY9axhJNIIn7WDyvWOocFiBcHUivWLh8VWRrGeJFtYD3Gzk+Z9u/e5kRHz9o/Etl4T22cjAxMCEwCQYFKw4DAhoFAAQU64zQPqXJNTEsaCH6cv0Z8eP8xq8ECILZLOryvbRAAgIIAA==

Client instructions

To make clients trust your certificate issuer. Please do the following before connecting:

CryptographyHelper.OnValidateCertificateCallback = (certificate, hostname) =>
{
  X509Certificate2 issuerCertificate = new X509Certificate2(Convert.FromBase64String("MIIC5zCCAc+gAwIBAgIJAMSn5VpexVGZMA0GCSqGSIb3DQEBCwUAMBkxFzAVBgNVBAMTDlVubmFtZWQgSXNzdWVyMB4XDTE5MTEyMDEwMDMxNFoXDTE5MTIyMDEwMDMxNFowGTEXMBUGA1UEAxMOVW5uYW1lZCBJc3N1ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmUMknYWdTltUmiG4qPq3EC9aG0O/giBcLfuKoRBub34+GZAd7d+LWSnugcF2vjuMidWAjdDm04y1ywvp3iliOVAzTkYFXPRLkSeLj8n9brq5HUtthdnuvgWH4Bd86QaBmpnRzySQN+LZlO/B13MWKS8pxCh86G2KfHU6c2hceFsahPsA7V/2OIvANEeGj4igWqdLfIG92Dxy90xaUFCptbph8/5oN2OCVoDoCCiCQekTlFVkT3B78yLF4MczcyjJS45+Q8Cv3ZplNbWG69KWX0zqWye/jJOAKxxgjSE3enL0xzqivg47I/O5FkKY5ccJ6jctEGYGjjfm2i1afeLYTAgMBAAGjMjAwMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNdJv/sh7bERBxwlEce37qIEBU6PMA0GCSqGSIb3DQEBCwUAA4IBAQBv2pSWlUe3fxuLEIa67o53PlXhZe9kJoFmaQHr3XXCTEeiYGdcQ2hdBf2+FgSVLVwLz1clg08RqqmKKtph/MfT1tjkNE6Z108ItUlqxroSC2UBYUcGjIZcQTqFRjQMnCcF7LumfdLr077MQpKKYOHxz6azr7Elzl+69RZUt+j6r5Gnt8uuPPbM9RqIQsKyGIMzLrASA+g/ehDrDRxTQPelG2cDm+A9LrCmgcvP1SSvIac47NuhCgvOzfCZtif6OV/VmtaV424f5bhV4Gvog2jYQ7wT+8BeYgU7lv0yqKYEFK5jQRT7MPKg5FeHvBZG+U2LCzS1yrLCKknzzuLOjLcQ"));
  X509Chain verify = new X509Chain();
  verify.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
  verify.ChainPolicy.ExtraStore.Add(issuerCertificate);
  verify.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;

  // Check if the chain accepts it. This can mean that it's from a CA we trust OR our own CA.
  bool isAcceptedByChain = verify.Build(new X509Certificate2(certificate));

  if (isAcceptedByChain)
  {
    // Validate with the last added CA, that's our CA
    return verify.ChainElements[verify.ChainElements.Count - 1].Certificate.Thumbprint == issuerCertificate.Thumbprint;
  }

  return false;
}

Details (Advanced Users Only)

Property Value
Issuer Name CN=Unnamed Issuer
Issuer Key Type RSA
Issuer Key Size 2048
Issuer Validity Start 20/11/2019 10:03:14 (UTC)
Issuer Validity End 20/12/2019 10:03:14 (UTC)
Issuer Serial Number 00C4A7E55A5EC55199
Issuer Thumbprint A7687465DF78959677849BDD9778BCA28F121CDF
Certificate Name CN=Unnamed MLAPI Development Certificate
Certificate Serial Number 00882DE1EE97BE0FCC961DFF7065B390C4
Certificate Thumbprint 104638830FBD138FE382E496E10C5F2C9BE2CACA
Certificate Key Type RSA
Certificate Key Size 2048
Certificate Validity Start 20/11/2019 10:03:14 (UTC)
Certificate Validity End 20/12/2019 10:03:14 (UTC)

Keys

These are the keys that were used

Issuer Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>kNkj+Wlv84k8GtTY/CaZYF/VlspW4s6UN72gTRUwi/KpMGs+rW8zsXP8lmW09hGWVfid8w5IsLPjxHZN0dqnYTQJMRIk1zno5Lx3PscnRADzSJYatQwwM6vacoM25kuZ1pU/Tgalb0gJZlexHl8vuY97DWbBRuksOEfVRh5/RYL6Bc2q221LuQlPYJfh4weRQ6aPF4xJCUdrvz7Se37PCGT4qBX1fQlH8emf+Uuld4OfVAX2YaQt+Eh1YDL4ryIO0rzXajCuTEmRop2THnp0W7DMYeSsmOG4MpA8o7Gg4afPW/XFW6Q4YisSlF/6oLTXaXoyKv6bbekX2PbaacOXMQ==</D>
  <DP>Cl1yvviljwBmXtdDxcpmSP1+kSNT0hTF0PVUKXj9zhQiGZwAsJ5pdbMdrbgmRYwQN3nApeW/wCsixGVlEA/jfv2HasZhIFzTvvfH2X4J2Xa1dZR0hXdF0KznAXH3Ct/+0WUvQrP1ZBquqokBl9/t4RJdmHk5nWqeh12bu0499lk=</DP>
  <DQ>QkIup+ADo9im/Wtc2rcMWcCV8sd/nq/K3sR/drJN7XKKtYGIKckRVjcjT8lPCbsMNOcpQsgh56780901x2ey8xM+Lx2YZk1RBhs//lgJVmweR+s9oriqVlD+5jBJXsk7p723ryk6v5GmdkfBznhk8EMC452o5zG666a0g9JngEc=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>ZkjqSYXjEXA5mb8frUE4XH965WOlFl8Gb//amwCbMaRybzBMxC4Zs0tfOCdo3slqFMXiQ87sTnLi/6k5qGeb2Sgadz9X8XbrGvVA4HA4Vt5UgxFpSCIrYL3Xjb18zXGoZM3iCwSNaaYxgerAZdOgdq2SIa5p8buHNdIP6roYuNk=</InverseQ>
  <Modulus>5lDJJ2FnU5bVJohuKj6txAvWhtDv4IgXC37iqEQbm9+PhmQHe3fi1kp7oHBdr47jInVgI3Q5tOMtcsL6d4pYjlQM05GBVz0S5Eni4/J/W66uR1LbYXZ7r4Fh+AXfOkGgZqZ0c8kkDfi2ZTvwddzFikvKcQofOhtinx1OnNoXHhbGoT7AO1f9jiLwDRHho+IoFqnS3yBvdg8cvdMWlBQqbW6YfP+aDdjglaA6AgogkHpE5RVZE9we/MixeDHM3MoyUuOfkPAr92aZTW1huvSll9M6lsnv4yTgCscYI0hN3py9Mc6or4OOyPzuRZCmOXHCeo3LRBmBo435totWn3i2Ew==</Modulus>
  <P>9xsEOsxdduqdrsLfyLMt2osWUNKNH0CGoiTLpTe251DxK1AFpTZ8PSS59G+/tzUm+fGrmKshbJKqX+8AOpIqLJvtxp2+gl7Ppi8C0bThUMqKCa1Qi6sA1VKSbKyDMqnUu71iPHVYkUgOpA4qu7HwQxKYDspGdkpO9+kxiMw/YTk=</P>
  <Q>7psOXOfsz6Dy7tuOmGW3n72Z1rE/AeQHdpZnjDpNHDXZfGxktUC1ZOg8E+1b8Mfxe4LHzX3y6lX0a8eWZVRHVD+K/4heshScwFLpG5XR7IYmZxL4P6uO8hQh6txAEyrW3luQ8Q9YctigsnQNMqD/zFiqIa70dpdcAGqvKoIp7as=</Q>
</RSAParameters>

Certificate Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>acci6XwKT7S07iLbAxjtsWBNwgD7Kfd6nrH6mpM641d7SQliWFkwQhHWmg1jibqjkb0mGqTshC/gGuevGqkyl6XkiSriWTI8qa9ird5kB3wU5SfVVVIrbCT62MbRPHsoT19aZ0R7q4BKgwNhyKTTzp6A6v5xrXFC5EQW3zWeM9ejAC3EbtX00sW5bk8gfaM7K0WsGM7+Rnt7DQThUmq5BBU6+Y+LmiVbH5vzHx5TcNvA9gwRZZQZnxk4VJYmQzI6WlpxFb6j6pZtTIm6FjRyvfU+crSsbCCNlT9YE56pBzsyXvulxoMMEQlETQjkQGR8BLFtuB39OeTtguiBNQqBwQ==</D>
  <DP>czjupzMarhYO22UODF9+HEHH/1LHeWlIQTkpBjrwW6l+sz3S/8w03geIDZT3AEmuw0Er9osTIW2XJKCbQ2aFJUI/6+G+8abNLyZ1IiKTjHABvxrGnksZPugZKJR5SJV6rDGjhqUjreA8lwupG3A12gw5uH++A7h6W99xHgN0TEk=</DP>
  <DQ>VP5OIkKbpKtumCI0ZG5NMRilb94To2tfWYI68BDnKnr0yVU5GqdI5YYIm8eWDL545+0uVVMovh+OpUU4/0XOmYQhCjZyOFGRwTUoCez5gCONdi70nSJmO2p/sphN4TScdqWq6sLSGvnh5vqckGB1qXX3B8SUVLJGJZtzuykC6b0=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>0JxnoTU7JGuy+jxi2tLLbRvfz+kLXNr9S2KqJ9/1tsHjGv8vVkgJS2XUS6dYokDjanOO1+YNiuqbl3O//8DQoFL7Z8u8dDkg0Rr0hklLt8jv7XXyA6AYyhKum191wArpwTp/QNVn7Rwz+JzAxoSmh8dWp5qS42ojDWu2yez6nDg=</InverseQ>
  <Modulus>4MynKb9hPbRtzUsBOmzSaTZmhoGUI41YZS7Y+KB+5pFDj7yezfA7dySl7auapgwIAXeOXjrd7GluSGuJeY1iUBAsOOjvP5PMO0XRdLXqw4y+8YuAZlYK2CPJlx3io+gysWpsNMm3YPon6FcJ+oJvohz8HFo5xvGTKgNyPRpLSieN6O2HQL8snTeim+Br68XHUASqZ31gBRlPRKQFpGX6b6WyOW81jWhblj6FL4Wtcl5c8giJ/HbRndHWKLWqVha6DDQWLEkpaUEmNt8amn+lsgS8pfvsKO1N0sUYbo7U1FLAEQf3Grth8iDGeWXuP72m+La6rBMdcCseHjO7mzv+5Q==</Modulus>
  <P>+KtAB0xrNWC6STlYkkKaSZhCkv7eX58q+Rc6MEVisozsHo4z5KVOF0mfJXbHLrwAnWiArR1TcB6OTb3BKUw42fdcTaxP2IcTZcIKVyYk3YrBGEIS15MlM9lBXXZq/PrgaMXwVs2QmFDzZAsYbnsB7sTxyMtkNI7b4SkfWOsNtrk=</P>
  <Q>521BV++5y0yKQ7fD6bFfwBNMrldx1Ssopl1+91Rz+Cbgs3kz70jBtokqFcN1I4T6smOvJlvlgi2jEhcwhDcSgp5w6pWG14GUio4s2m74iOBad77aD+E703a+FBoreaD+tIRfQuipuoDwo9gA4fbEroNRgGJSMB/EsSEPgNfDs40=</Q>
</RSAParameters>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment