ONLY USE SELF SIGNED CERTIFICATES INTERNALLY OR FOR TESTING. USE A SERVICE LIKE LETSENCRYPT FOR REAL CERTIFICATES. THIS PROGRAM WILL GENERATE A CERTIFICATE AUTHORITY KEY PAIR AND A CERTIFICATE SIGNED BY THAT AUTHORITY. CERTIFICATES ARE ONLY VALID FOR 30 DAYS. AFTER THAT TIME YOU NEED A NEW ISSUER AND CERTIFICATE.
Quickstart Instructions (Basic Usage)
Server Instructions
ONLY DO THIS STEP ON THE SERVER. IT SHOULD NOT BE DONE ON CLIENTS. THIS STRING CONTAINS A BASE64 ENCODED PFX FILE, WHICH IS A COMBINATION OF THE CERTIFICATE AND THE PRIVATE KEY FOR THE CERTIFICATE WHICH IS USED TO SIGN KEY EXCHANGES.
In the NetworkingManager.NetworkConfig ServerBase64PfxCertificate
text field. Enter the following:
MIIJaQIBAzCCCS8GCSqGSIb3DQEHAaCCCSAEggkcMIIJGDCCA88GCSqGSIb3DQEHBqCCA8AwggO8AgEAMIIDtQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQI289SFZvdlJQCAggAgIIDiHsk6YibzfnDozTEQQ8ujiCgDNuepkicolMdVjaAOK9VwJEUPsTXQiMv8snlFn+p3l8fiZ6HfB6S2aEnES8CbSoLCKGUvIRpeugn6ezevM9V2P84cSq8vOmfST7hTMf9U8njQfCOtrFMARCcsaBIrcTer2tF0WdKFA7bxP3UX+AR50OMj80uCBTQsHZ+6lieZdNmKcQaA5vQ94eHAiSRZDBdJY/MjgbkPglpWDmXzfkkxvXsXj1AxZdKYD5lGNIekLUjP1o6R7ZIxpw3bWEW4FJ/tc1A4UcgUmrxe7ARS1kc7iArTe+XLnJlOxMDuY8LELbRENbEoJWs9on1qPidTqvI9YKZRgGTfQ8Mfh1/gAvWaLOQUF+1IbQB5AvYJA87w5RPTzWx8HL50sgPq5Fp3FUVaFjd6rIum4LQULzwpD/AIfQ+sAlNwzZ4nsPzmuCSnFoVF9vSDS9qW6Uu1ccaGdbCqLyPfEMOq+NkgAig/zcCKsLeYV+SPrmUjNN+vOsHFxPXCSf45lGCp19wH0xmwP45fgUXF5DSbWIKknfzZ+W/6dZY5XsG6ZfXzKKgE+1SOhBrF4L6KGkq0tV45VUFVzcAGBFfX+vBGwZu7cwpKGucUAPaYH0ti6VeGp6f6ijkDHLc25tfu7Vb0TwavidB4ISJVYj0WAdZPBFlvnJSrNFiChaak7HgVe4wuWU+WnZuaWeWsjOOUMv8DmgBN3FddiIeBXNcB8hlfCjgKExzimhB56pP+E94AAO2JHUPUe4as5cFel02tfhRTKHJz5uNTG5PKPIH3eawCDmUPuNZZNbLM1H07w2f02BsNf9Xo+82KRkpYuvtSP50o7FB9+3Y8cEPmxW29pB4QZQnF0SImIuTAxuKAB6U7CJYiLE4ZhLPv05FYWej3zDAIPouwHctiWy8MKOcro3W6OBy34MG0aJM6iRPvTWQhj27EFy7PZuXn+C26OVXB2PoHjGQh0Po0rWzdpft1OIvbU2LCziDzbblGBPqZ0wVtfQZUQwWAeCGvPQSLdGYHahONHqmd0FN06wdQcASUXrX16AvpAsM6m49CN5yT181dcFKt0HaMAsgULKUIawFq8YPgl2/KREie1LsWZh0Wp9EmWpuERZBN9D3q9L+34d+76NcycxMwD8yhBCu0oMlfukgyL3z/Hq4gWrtDOWfO5+uklK6OBnecAaCcul2AiP4fdswggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQIyV2xxvb3fdQCAggABIIEyNbRjg/nRM4Gx6tq3C+wcCjDNdXo5/eIYKXEpQZRwB9T6OxYrWb70oN/a3bCpTfjAIYYv5PjBMFl0XFD1k4hahBNx4wbj5MFeUDnz6SRohsLY9IHIWTlmjA5bJ0nVdVv8uDjCcyY6soYYdkEgv/47FU1PMx49rFC+tF3VRf4+4EOFvc20nN7c191AV7IbWgoLq1Mi8zbkP9q4PDJQ/owmhsL+INNVJ+1NSYFWROeREUKNR2SDFySvvNZK2TX5S9Egv+kQW/WYcmJp2PmqO3JM3bR0KtLuvcuEqIGOY27uWz1qOfROxbMdseCMIs4MLwOmSADwMin7WCfkzWs9KYzVJ1VP/sZvhaIQ60Hj/Uv2PMI//nVqX+kfNhTywNWNu46VJEvTb102LZBFt5tC2bGz7xTQgWbrTBesoX2O0HnDTyTMhgbMGdUfOj85YwU5yePZUFbPPOoAofn30aftC6ukk+ONMMfQXDSIC+yXd31mgP2NClMu9+TzQq2nyr9/ssp/mkLx8aQYK6ZMH+sbHaY49ntfS4pnGc0Jv94yVss4AdTqI3a3OwLGYwisInMNYi+MTE4givPTNtG/ZgVmF9VkIhD6b2bCC+3rhw3/I5tiSLu9oVEBx0sPnNlVfJ3MkXhzZnhvNKVfYIbJTo1+LcnvbwhXULGphrL7izQt+C3b39PbD4TlQDPC5j6T+iWBUGGHVA5F+9mpN4ZT5KKUMENkpv8I64AS6xYWFUQRcfRn4jswYNyB1lknCakhap2RsvMut518vMtYCwJDWs8+F/m3MYHbo+TxQNgNZuEEhWLsXF67Z82wAX6J6FlzhoDpAuQZpdRqtAoL6qV140SdcjIiHhYQb/J1muIkLfOT+LjuDtSeN9lv8UURsqiiDcmT/239LzKyiIi6royXqD13ftEKbZIivLLt2J/n4vkl1VwRC2oSmAeQTeCgaHV2e8A9lQbGfEwXRsR9ocJIZtuJ5yAJhZFhaUroUo7terLaLhgI4zIDinYOx6wv5Z+Yd0dpl8ZKKfd8ZeYPBYmZWRAKaInbzWMwO1RvM6Vjf5dWdmX6HsMc73Kb+WdJWEOovKZQKe26B19qQj1j5mNngu5EAjgGam/OKyyAD5krfkIeY9Td/ZTq39HP9X+t+osRGIvUQayeOpI2QfEU0pbwHXIejC6OTFN0bupDG5mqWGxBxO9VJ0dYaxs8fcwNsiVXlczVgN7qHaddWfU+u1ZNe1yyLoFWNE76TzMfXSvRhBITn1M7H3vC9mRbmjbUfrIhjuOB+kRZjnr7y/PotEkSppPEa+gJgYMyg/9+QLZvp7BCf1/bOvvkOrqKBOoFhOlJ7oYGAtDZ0gi774SfqXS4o1wctv9KIR6S+17wTJYSHmpWifTfVokeTdmnSzR6l0i7ZyoUc+1TS4M10xvK8BoNMxmUYUk0kse3tBY0UnW2xN7IX2q0qFXzOFmUnAPn2Ra2gC9d73lG5FrPl8tI2C0hL8hM/Q4qNa1hixJlrw3cXwOepys0SC6RC3mnkD54dwvnC9TRTP56YDStp0C9lny36QykDO2KKkspvsJeKB35UasWorp1lIBlrZXz4eimQ1I+2LGASJsw92RtjdktRpA5axnKJ9ICnaOS+fovzPqEzElMCMGCSqGSIb3DQEJFTEWBBSMfXHN4HzhGSn0DOP9cc2OZL6XqDAxMCEwCQYFKw4DAhoFAAQU4EnN+Dmpn1EbAcPpeJLX86Q5auMECKpf/v2VrTD/AgIIAA==
Client instructions
To make clients trust your certificate issuer. Please do the following before connecting:
CryptographyHelper.OnValidateCertificateCallback = (certificate, hostname) =>
{
X509Certificate2 issuerCertificate = new X509Certificate2(Convert.FromBase64String("MIIC5zCCAc+gAwIBAgIJAPZO44VRq8CtMA0GCSqGSIb3DQEBCwUAMBkxFzAVBgNVBAMTDlVubmFtZWQgSXNzdWVyMB4XDTIwMDkxNjA4NDAzN1oXDTIwMTAxNjA4NDAzN1owGTEXMBUGA1UEAxMOVW5uYW1lZCBJc3N1ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOCgWCThOWhVfnZ//xJqCkZQfQv6tBUhutFi8a0fbhIeqNXuhz9JwLQikivNmdrvXHZ+FXxMn/eJGmEsCXUP6WgndR3SUnBdbM9t3o20fHxzPhlnY9Aurlk+LKvWY3YV4yw1KLDdEN6DsNXkKtZsnIOP/1/EPRDq9jr6VUaQoGSXlvb8ko7TOicdFftbot4CSGjgX4geQM1zUi379fifawf6On7N+ep+1/cqi2nEoVmbXERdJusqlWHY9veJRx9+TM8yPvjNzxO+TCZJOZwnVpAn2IPRiLJN5oGSCD2hl5Vvl2CRAP7ovSiFPLnf+DhSZOd1eD/+CIot3LOV29h3GNAgMBAAGjMjAwMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNLDNJdlIJeEbGbjI5f/szL121q0MA0GCSqGSIb3DQEBCwUAA4IBAQBeFxTwz8PildNITgxR4nE0pdarIDLyNq5ovsvPfv8Qq6mFJpNxiLVtJDNaalwvCPNUYvjraup6Hns7tsz+HBDOFVNgHSSvJ4N+/oMahHycHWTRVluCb69m1aWHK1HebAX+EywtHMJEG1HjuSwN7AFajUhjlb+TS197NtGMBIPito0K28ptmoDFjbLuaQx2vr+l+tZT6GFHwXsQvRYhNFRq3qdscu/7yc7lGXNOmzs8EBvkshYxPwWeLCLU5BHppuwX12vK7VRVD6pIBLM4scvf791WceZi9sqPx1RWiXM7LBphSgTT3VGbZwjA1XXSQ6W8DAJFbPYWI1E+d0LmACt1"));
X509Chain verify = new X509Chain();
verify.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
verify.ChainPolicy.ExtraStore.Add(issuerCertificate);
verify.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;
// Check if the chain accepts it. This can mean that it's from a CA we trust OR our own CA.
bool isAcceptedByChain = verify.Build(new X509Certificate2(certificate));
if (isAcceptedByChain)
{
// Validate with the last added CA, that's our CA
return verify.ChainElements[verify.ChainElements.Count - 1].Certificate.Thumbprint == issuerCertificate.Thumbprint;
}
return false;
}
Details (Advanced Users Only)
Property | Value |
---|---|
Issuer Name | CN=Unnamed Issuer |
Issuer Key Type | RSA |
Issuer Key Size | 2048 |
Issuer Validity Start | 16/09/2020 09:40:37 (UTC) |
Issuer Validity End | 16/10/2020 09:40:37 (UTC) |
Issuer Serial Number | 00F64EE38551ABC0AD |
Issuer Thumbprint | 71EF47BAAECC999EDE3CAB0E2F8CECAC9B8378B6 |
Certificate Name | CN=Unnamed MLAPI Development Certificate |
Certificate Serial Number | 00AC5F21349D3140B69DA7FFC8932EB979 |
Certificate Thumbprint | 8C7D71CDE07CE11929F40CE3FD71CD8E64BE97A8 |
Certificate Key Type | RSA |
Certificate Key Size | 2048 |
Certificate Validity Start | 16/09/2020 09:40:37 (UTC) |
Certificate Validity End | 16/10/2020 09:40:37 (UTC) |
Keys
These are the keys that were used
Issuer Public/Private Key
<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<D>TeBl0qm2J6eA4Tti9wA1qc1yFcnMbiUdxt9isI159gA+ym58CBAFxw+bwsCEtGAED/nIp8b+3qvwyUe/ObJod/UaKnwe5dAEL3aDy9bOG8nEZ1jamhb3OA0cpKrP7tDDrQY8tchkIxCK+XOOWkJGtIIu5QgTjfox+sjSAcSuAE+plAxuzVMbY1LHfEvBLM7aCuJYPyAoTH741kMZnzdRa5jCIrH1Y+ZFdcq+tShmmnRc1KVUZR1XsWPp8uZZN20W2otOfuN8z4vZko5xu2u+6Nj3cndP6+ZLYVl+YEscIuu593906ZhRDyNrI229lMpDj2rmKMymc+RkMsW2Epx0AQ==</D>
<DP>NLmZfpoWCtUu+72eX52PpoTqwFeMWcm16Em+40mF80h6u8l2MTBFEgXl6262pH34jBEpEj2u3o6bB+WhMttLNrC2v0worJjFJnQ96kEbT4uwyenCiORzymzwEn47+YFGuPzdz4YYf/kaPk6fN+tkeLOwfOrthTzlna+nVWSY3bk=</DP>
<DQ>c86bQAFfjS3PAlryop0TUpeY+XXrFz5Vh4lrrNmhGuLnkzUGI0nG4GDjjTk2g766bqK2fQdbeG1svFDbROR6togPce3JOHT/YE/mi41aj6zJBpo5QwJdqiB83p+kI+OmwGQjESGFZ1sca8pti6shZuLlsbbbpRBA+buBBLS/8AE=</DQ>
<Exponent>AQAB</Exponent>
<InverseQ>Yz4z1OPMHgHw8149Cqj620b7FcplfvtxMgXLXMIMxkFFjieEcCQByot0Qs+if5t0VcYTOVYGAE0cNGRus4gCFcu6eB1Nc9zer9Kbq7QWi+ZbdE4iMnDkgY5kfMxRg8rbufEERjwBxhVB6dFbv5JkyFfx0GNfRpTFzBScH6oP5vA=</InverseQ>
<Modulus>zgoFgk4TloVX52f/8SagpGUH0L+rQVIbrRYvGtH24SHqjV7oc/ScC0IpIrzZna71x2fhV8TJ/3iRphLAl1D+loJ3Ud0lJwXWzPbd6NtHx8cz4ZZ2PQLq5ZPiyr1mN2FeMsNSiw3RDeg7DV5CrWbJyDj/9fxD0Q6vY6+lVGkKBkl5b2/JKO0zonHRX7W6LeAkho4F+IHkDNc1It+/X4n2sH+jp+zfnqftf3KotpxKFZm1xEXSbrKpVh2Pb3iUcffkzPMj74zc8TvkwmSTmcJ1aQJ9iD0YiyTeaBkgg9oZeVb5dgkQD+6L0ohTy53/g4UmTndXg//giKLdyzldvYdxjQ==</Modulus>
<P>5ddxYFZyCR0mH+MFKdqYBylU7GOGGg3SVKhcCYrvofpy+mJR2RTqNYTIrnJCdsxawqA4LrQtBrvy5Z4kLQfViB8D/BlWWF3AkwKPfKmxwAaLYpFb9nJwtOsqhsPu1M3W1KO4sW5O6MRWWzeSUHws4zmtY+Bv+rp4zpstWLcOYI0=</P>
<Q>5X0VCz6Kk/tDn7iTnIugQrdjlZp6OA249HlGZVnmZdYoTIN6bdrsYuSoy1aZzKR1wwsP+YsGz2U56e+WJuMjwRrsA3JG5B6m3k6TGYshyc9k10c2mMxb/n/eTj8vdlaHxaBp7vGvEfZebYmL/7ITNmdjnKUSq4B67/7384kjlQE=</Q>
</RSAParameters>
Certificate Public/Private Key
<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<D>AYMpED21Zfw0MzQn1xNPY+i6d/5kIpX0RCub1pbPuVvNPagtuNqxtiUbQOPYQEHdkdeqyZ7F/lXNwmeq4wkxxKM+gZwEPahxOWpA1+Kz/E7q1Nf2hssXa6jtmg98k4jBT+E3+bYyeKvM43AqXy5KAkqSpzpepjhQUIpNbRVRoPfBEWnR+F8ipe+MmJzZEAIwu3MICPfbUySyShFfUmhw7HQKuyHLPzSBdedlf0ti697LscNHiKA3g9rm2k5PMTgAcbV4pz42JRLxCVpHu1ebCF83Vq/1huCjF8+4PPoxBi7rmKIEZ/ODe++9F4sO/Uyll26iTS3doLKHoJFqHMsMAQ==</D>
<DP>tnxcptGG/my75pGcAPnjVfHcB4ebT1SuFr29baoScpd8wDC4Y2Bb6qy7vgHAxCE5egOUoDER7k3AiQJhUcXYyB1S33u406SM35VuV1E9p41PCa67u8oUizfzXn4qE5XF6sxKYqqj6+Vd6CuVRE7/8sQB7HwGol8pJm2ELhuTCSE=</DP>
<DQ>XKX852KZ8alrdestODDpliHw5+pcLwMRVX7MHEK9x7GMh0OXvBtPYjDDUHwT225+xNj31MDJ6Amhgj9J1uFcDML82fhzcaa30f72o92967Rv6kYb/uNSnoRxjrU7xlGUey2tericgQWhmRFBYw5UOWSjiadE+do1yDIQnG2boOE=</DQ>
<Exponent>AQAB</Exponent>
<InverseQ>mKq2eBj0TXWdr/eT0t+EdWilhJAf0mKGHOwPynPVvrIjFOHHJ9fX7OLkVuI/tFElJz7fu2xcAgzLmfGcIpvSPKjLWEEjGXqWethp//e5/MecS+/dKcEZGow48wBtgCyCSyoiWdFkBL36PLIB6VtLRzMkF1CqblD/cdD13GAX/Wg=</InverseQ>
<Modulus>wxuAtMxqrilqiUAFqOUFp13sNNe//QV3/+/g2wk6itj+uCX8fS+nut5v30soXcp+2E7ugctlWJc6j9ZR/gZz0iXeKZYZCGhBcJ5dzWCw4zoF7UAvwE+61dhSItDzaX1nH4LzXdG65Oyg4Ed2mYenmX1zzh8uqMzeKaJAMcLg5n+/sIaXrIT3gyE4EzEcLw1UwVUxf1xC812ROY2A6e4WhUjxi81q/whhOecIYx1qvWgq5TB4hGk5j/FpbCWSIEtp5l45xJyXaq0uUAEhA48n1+s8zpbm2o1M/sLfiq9r3r/U1WJUTXu72acsSk37f6VZCN9gEUUbewjKoaMyRBnU2Q==</Modulus>
<P>5MgnO3AcNR+N2mgn7zjDxM8K87YRBvV2nJnjx4/+BlivRzoUFrT8iHBGVj8jYayW3ljMfEdzT5AahF2MKbNGEtNE5H7Wo+VNmLDMLUR44sYBb1EPZPbWyWxh4I7N9FqQ5AX//C9q2Chwn3+kZxO95ZCXsolDeuxOXNWMoWPksmE=</P>
<Q>2lHAbUXuSuuKBujL2+aJsWNKgE5jRpMOjG1wlS218Xy+XB8Q0sclt1JERfMnR+2vQCwm3AitRrAB4Gq877gCfIMD/Dg8LlZ2tbnBggwE8m+FKUFpKchq8DI4p/Sb7D2pASlHna05fSqMtXfw3tLj+nwypY/8LmJNajhp4GSppXk=</Q>
</RSAParameters>