Skip to content

Instantly share code, notes, and snippets.

@MidLevel-Bot

MidLevel-Bot/quickstart.md Secret

Created Sep 16, 2020
Embed
What would you like to do?
http://cert.midlevel.io/ Generated on 16/09/2020 08:40:37 by ::ffff:3.237.94.109

ONLY USE SELF SIGNED CERTIFICATES INTERNALLY OR FOR TESTING. USE A SERVICE LIKE LETSENCRYPT FOR REAL CERTIFICATES. THIS PROGRAM WILL GENERATE A CERTIFICATE AUTHORITY KEY PAIR AND A CERTIFICATE SIGNED BY THAT AUTHORITY. CERTIFICATES ARE ONLY VALID FOR 30 DAYS. AFTER THAT TIME YOU NEED A NEW ISSUER AND CERTIFICATE.

Quickstart Instructions (Basic Usage)

Server Instructions

ONLY DO THIS STEP ON THE SERVER. IT SHOULD NOT BE DONE ON CLIENTS. THIS STRING CONTAINS A BASE64 ENCODED PFX FILE, WHICH IS A COMBINATION OF THE CERTIFICATE AND THE PRIVATE KEY FOR THE CERTIFICATE WHICH IS USED TO SIGN KEY EXCHANGES.

In the NetworkingManager.NetworkConfig ServerBase64PfxCertificate text field. Enter the following:

MIIJaQIBAzCCCS8GCSqGSIb3DQEHAaCCCSAEggkcMIIJGDCCA88GCSqGSIb3DQEHBqCCA8AwggO8AgEAMIIDtQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQI289SFZvdlJQCAggAgIIDiHsk6YibzfnDozTEQQ8ujiCgDNuepkicolMdVjaAOK9VwJEUPsTXQiMv8snlFn+p3l8fiZ6HfB6S2aEnES8CbSoLCKGUvIRpeugn6ezevM9V2P84cSq8vOmfST7hTMf9U8njQfCOtrFMARCcsaBIrcTer2tF0WdKFA7bxP3UX+AR50OMj80uCBTQsHZ+6lieZdNmKcQaA5vQ94eHAiSRZDBdJY/MjgbkPglpWDmXzfkkxvXsXj1AxZdKYD5lGNIekLUjP1o6R7ZIxpw3bWEW4FJ/tc1A4UcgUmrxe7ARS1kc7iArTe+XLnJlOxMDuY8LELbRENbEoJWs9on1qPidTqvI9YKZRgGTfQ8Mfh1/gAvWaLOQUF+1IbQB5AvYJA87w5RPTzWx8HL50sgPq5Fp3FUVaFjd6rIum4LQULzwpD/AIfQ+sAlNwzZ4nsPzmuCSnFoVF9vSDS9qW6Uu1ccaGdbCqLyPfEMOq+NkgAig/zcCKsLeYV+SPrmUjNN+vOsHFxPXCSf45lGCp19wH0xmwP45fgUXF5DSbWIKknfzZ+W/6dZY5XsG6ZfXzKKgE+1SOhBrF4L6KGkq0tV45VUFVzcAGBFfX+vBGwZu7cwpKGucUAPaYH0ti6VeGp6f6ijkDHLc25tfu7Vb0TwavidB4ISJVYj0WAdZPBFlvnJSrNFiChaak7HgVe4wuWU+WnZuaWeWsjOOUMv8DmgBN3FddiIeBXNcB8hlfCjgKExzimhB56pP+E94AAO2JHUPUe4as5cFel02tfhRTKHJz5uNTG5PKPIH3eawCDmUPuNZZNbLM1H07w2f02BsNf9Xo+82KRkpYuvtSP50o7FB9+3Y8cEPmxW29pB4QZQnF0SImIuTAxuKAB6U7CJYiLE4ZhLPv05FYWej3zDAIPouwHctiWy8MKOcro3W6OBy34MG0aJM6iRPvTWQhj27EFy7PZuXn+C26OVXB2PoHjGQh0Po0rWzdpft1OIvbU2LCziDzbblGBPqZ0wVtfQZUQwWAeCGvPQSLdGYHahONHqmd0FN06wdQcASUXrX16AvpAsM6m49CN5yT181dcFKt0HaMAsgULKUIawFq8YPgl2/KREie1LsWZh0Wp9EmWpuERZBN9D3q9L+34d+76NcycxMwD8yhBCu0oMlfukgyL3z/Hq4gWrtDOWfO5+uklK6OBnecAaCcul2AiP4fdswggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQIyV2xxvb3fdQCAggABIIEyNbRjg/nRM4Gx6tq3C+wcCjDNdXo5/eIYKXEpQZRwB9T6OxYrWb70oN/a3bCpTfjAIYYv5PjBMFl0XFD1k4hahBNx4wbj5MFeUDnz6SRohsLY9IHIWTlmjA5bJ0nVdVv8uDjCcyY6soYYdkEgv/47FU1PMx49rFC+tF3VRf4+4EOFvc20nN7c191AV7IbWgoLq1Mi8zbkP9q4PDJQ/owmhsL+INNVJ+1NSYFWROeREUKNR2SDFySvvNZK2TX5S9Egv+kQW/WYcmJp2PmqO3JM3bR0KtLuvcuEqIGOY27uWz1qOfROxbMdseCMIs4MLwOmSADwMin7WCfkzWs9KYzVJ1VP/sZvhaIQ60Hj/Uv2PMI//nVqX+kfNhTywNWNu46VJEvTb102LZBFt5tC2bGz7xTQgWbrTBesoX2O0HnDTyTMhgbMGdUfOj85YwU5yePZUFbPPOoAofn30aftC6ukk+ONMMfQXDSIC+yXd31mgP2NClMu9+TzQq2nyr9/ssp/mkLx8aQYK6ZMH+sbHaY49ntfS4pnGc0Jv94yVss4AdTqI3a3OwLGYwisInMNYi+MTE4givPTNtG/ZgVmF9VkIhD6b2bCC+3rhw3/I5tiSLu9oVEBx0sPnNlVfJ3MkXhzZnhvNKVfYIbJTo1+LcnvbwhXULGphrL7izQt+C3b39PbD4TlQDPC5j6T+iWBUGGHVA5F+9mpN4ZT5KKUMENkpv8I64AS6xYWFUQRcfRn4jswYNyB1lknCakhap2RsvMut518vMtYCwJDWs8+F/m3MYHbo+TxQNgNZuEEhWLsXF67Z82wAX6J6FlzhoDpAuQZpdRqtAoL6qV140SdcjIiHhYQb/J1muIkLfOT+LjuDtSeN9lv8UURsqiiDcmT/239LzKyiIi6royXqD13ftEKbZIivLLt2J/n4vkl1VwRC2oSmAeQTeCgaHV2e8A9lQbGfEwXRsR9ocJIZtuJ5yAJhZFhaUroUo7terLaLhgI4zIDinYOx6wv5Z+Yd0dpl8ZKKfd8ZeYPBYmZWRAKaInbzWMwO1RvM6Vjf5dWdmX6HsMc73Kb+WdJWEOovKZQKe26B19qQj1j5mNngu5EAjgGam/OKyyAD5krfkIeY9Td/ZTq39HP9X+t+osRGIvUQayeOpI2QfEU0pbwHXIejC6OTFN0bupDG5mqWGxBxO9VJ0dYaxs8fcwNsiVXlczVgN7qHaddWfU+u1ZNe1yyLoFWNE76TzMfXSvRhBITn1M7H3vC9mRbmjbUfrIhjuOB+kRZjnr7y/PotEkSppPEa+gJgYMyg/9+QLZvp7BCf1/bOvvkOrqKBOoFhOlJ7oYGAtDZ0gi774SfqXS4o1wctv9KIR6S+17wTJYSHmpWifTfVokeTdmnSzR6l0i7ZyoUc+1TS4M10xvK8BoNMxmUYUk0kse3tBY0UnW2xN7IX2q0qFXzOFmUnAPn2Ra2gC9d73lG5FrPl8tI2C0hL8hM/Q4qNa1hixJlrw3cXwOepys0SC6RC3mnkD54dwvnC9TRTP56YDStp0C9lny36QykDO2KKkspvsJeKB35UasWorp1lIBlrZXz4eimQ1I+2LGASJsw92RtjdktRpA5axnKJ9ICnaOS+fovzPqEzElMCMGCSqGSIb3DQEJFTEWBBSMfXHN4HzhGSn0DOP9cc2OZL6XqDAxMCEwCQYFKw4DAhoFAAQU4EnN+Dmpn1EbAcPpeJLX86Q5auMECKpf/v2VrTD/AgIIAA==

Client instructions

To make clients trust your certificate issuer. Please do the following before connecting:

CryptographyHelper.OnValidateCertificateCallback = (certificate, hostname) =>
{
  X509Certificate2 issuerCertificate = new X509Certificate2(Convert.FromBase64String("MIIC5zCCAc+gAwIBAgIJAPZO44VRq8CtMA0GCSqGSIb3DQEBCwUAMBkxFzAVBgNVBAMTDlVubmFtZWQgSXNzdWVyMB4XDTIwMDkxNjA4NDAzN1oXDTIwMTAxNjA4NDAzN1owGTEXMBUGA1UEAxMOVW5uYW1lZCBJc3N1ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOCgWCThOWhVfnZ//xJqCkZQfQv6tBUhutFi8a0fbhIeqNXuhz9JwLQikivNmdrvXHZ+FXxMn/eJGmEsCXUP6WgndR3SUnBdbM9t3o20fHxzPhlnY9Aurlk+LKvWY3YV4yw1KLDdEN6DsNXkKtZsnIOP/1/EPRDq9jr6VUaQoGSXlvb8ko7TOicdFftbot4CSGjgX4geQM1zUi379fifawf6On7N+ep+1/cqi2nEoVmbXERdJusqlWHY9veJRx9+TM8yPvjNzxO+TCZJOZwnVpAn2IPRiLJN5oGSCD2hl5Vvl2CRAP7ovSiFPLnf+DhSZOd1eD/+CIot3LOV29h3GNAgMBAAGjMjAwMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNLDNJdlIJeEbGbjI5f/szL121q0MA0GCSqGSIb3DQEBCwUAA4IBAQBeFxTwz8PildNITgxR4nE0pdarIDLyNq5ovsvPfv8Qq6mFJpNxiLVtJDNaalwvCPNUYvjraup6Hns7tsz+HBDOFVNgHSSvJ4N+/oMahHycHWTRVluCb69m1aWHK1HebAX+EywtHMJEG1HjuSwN7AFajUhjlb+TS197NtGMBIPito0K28ptmoDFjbLuaQx2vr+l+tZT6GFHwXsQvRYhNFRq3qdscu/7yc7lGXNOmzs8EBvkshYxPwWeLCLU5BHppuwX12vK7VRVD6pIBLM4scvf791WceZi9sqPx1RWiXM7LBphSgTT3VGbZwjA1XXSQ6W8DAJFbPYWI1E+d0LmACt1"));
  X509Chain verify = new X509Chain();
  verify.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
  verify.ChainPolicy.ExtraStore.Add(issuerCertificate);
  verify.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;

  // Check if the chain accepts it. This can mean that it's from a CA we trust OR our own CA.
  bool isAcceptedByChain = verify.Build(new X509Certificate2(certificate));

  if (isAcceptedByChain)
  {
    // Validate with the last added CA, that's our CA
    return verify.ChainElements[verify.ChainElements.Count - 1].Certificate.Thumbprint == issuerCertificate.Thumbprint;
  }

  return false;
}

Details (Advanced Users Only)

Property Value
Issuer Name CN=Unnamed Issuer
Issuer Key Type RSA
Issuer Key Size 2048
Issuer Validity Start 16/09/2020 09:40:37 (UTC)
Issuer Validity End 16/10/2020 09:40:37 (UTC)
Issuer Serial Number 00F64EE38551ABC0AD
Issuer Thumbprint 71EF47BAAECC999EDE3CAB0E2F8CECAC9B8378B6
Certificate Name CN=Unnamed MLAPI Development Certificate
Certificate Serial Number 00AC5F21349D3140B69DA7FFC8932EB979
Certificate Thumbprint 8C7D71CDE07CE11929F40CE3FD71CD8E64BE97A8
Certificate Key Type RSA
Certificate Key Size 2048
Certificate Validity Start 16/09/2020 09:40:37 (UTC)
Certificate Validity End 16/10/2020 09:40:37 (UTC)

Keys

These are the keys that were used

Issuer Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>TeBl0qm2J6eA4Tti9wA1qc1yFcnMbiUdxt9isI159gA+ym58CBAFxw+bwsCEtGAED/nIp8b+3qvwyUe/ObJod/UaKnwe5dAEL3aDy9bOG8nEZ1jamhb3OA0cpKrP7tDDrQY8tchkIxCK+XOOWkJGtIIu5QgTjfox+sjSAcSuAE+plAxuzVMbY1LHfEvBLM7aCuJYPyAoTH741kMZnzdRa5jCIrH1Y+ZFdcq+tShmmnRc1KVUZR1XsWPp8uZZN20W2otOfuN8z4vZko5xu2u+6Nj3cndP6+ZLYVl+YEscIuu593906ZhRDyNrI229lMpDj2rmKMymc+RkMsW2Epx0AQ==</D>
  <DP>NLmZfpoWCtUu+72eX52PpoTqwFeMWcm16Em+40mF80h6u8l2MTBFEgXl6262pH34jBEpEj2u3o6bB+WhMttLNrC2v0worJjFJnQ96kEbT4uwyenCiORzymzwEn47+YFGuPzdz4YYf/kaPk6fN+tkeLOwfOrthTzlna+nVWSY3bk=</DP>
  <DQ>c86bQAFfjS3PAlryop0TUpeY+XXrFz5Vh4lrrNmhGuLnkzUGI0nG4GDjjTk2g766bqK2fQdbeG1svFDbROR6togPce3JOHT/YE/mi41aj6zJBpo5QwJdqiB83p+kI+OmwGQjESGFZ1sca8pti6shZuLlsbbbpRBA+buBBLS/8AE=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>Yz4z1OPMHgHw8149Cqj620b7FcplfvtxMgXLXMIMxkFFjieEcCQByot0Qs+if5t0VcYTOVYGAE0cNGRus4gCFcu6eB1Nc9zer9Kbq7QWi+ZbdE4iMnDkgY5kfMxRg8rbufEERjwBxhVB6dFbv5JkyFfx0GNfRpTFzBScH6oP5vA=</InverseQ>
  <Modulus>zgoFgk4TloVX52f/8SagpGUH0L+rQVIbrRYvGtH24SHqjV7oc/ScC0IpIrzZna71x2fhV8TJ/3iRphLAl1D+loJ3Ud0lJwXWzPbd6NtHx8cz4ZZ2PQLq5ZPiyr1mN2FeMsNSiw3RDeg7DV5CrWbJyDj/9fxD0Q6vY6+lVGkKBkl5b2/JKO0zonHRX7W6LeAkho4F+IHkDNc1It+/X4n2sH+jp+zfnqftf3KotpxKFZm1xEXSbrKpVh2Pb3iUcffkzPMj74zc8TvkwmSTmcJ1aQJ9iD0YiyTeaBkgg9oZeVb5dgkQD+6L0ohTy53/g4UmTndXg//giKLdyzldvYdxjQ==</Modulus>
  <P>5ddxYFZyCR0mH+MFKdqYBylU7GOGGg3SVKhcCYrvofpy+mJR2RTqNYTIrnJCdsxawqA4LrQtBrvy5Z4kLQfViB8D/BlWWF3AkwKPfKmxwAaLYpFb9nJwtOsqhsPu1M3W1KO4sW5O6MRWWzeSUHws4zmtY+Bv+rp4zpstWLcOYI0=</P>
  <Q>5X0VCz6Kk/tDn7iTnIugQrdjlZp6OA249HlGZVnmZdYoTIN6bdrsYuSoy1aZzKR1wwsP+YsGz2U56e+WJuMjwRrsA3JG5B6m3k6TGYshyc9k10c2mMxb/n/eTj8vdlaHxaBp7vGvEfZebYmL/7ITNmdjnKUSq4B67/7384kjlQE=</Q>
</RSAParameters>

Certificate Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>AYMpED21Zfw0MzQn1xNPY+i6d/5kIpX0RCub1pbPuVvNPagtuNqxtiUbQOPYQEHdkdeqyZ7F/lXNwmeq4wkxxKM+gZwEPahxOWpA1+Kz/E7q1Nf2hssXa6jtmg98k4jBT+E3+bYyeKvM43AqXy5KAkqSpzpepjhQUIpNbRVRoPfBEWnR+F8ipe+MmJzZEAIwu3MICPfbUySyShFfUmhw7HQKuyHLPzSBdedlf0ti697LscNHiKA3g9rm2k5PMTgAcbV4pz42JRLxCVpHu1ebCF83Vq/1huCjF8+4PPoxBi7rmKIEZ/ODe++9F4sO/Uyll26iTS3doLKHoJFqHMsMAQ==</D>
  <DP>tnxcptGG/my75pGcAPnjVfHcB4ebT1SuFr29baoScpd8wDC4Y2Bb6qy7vgHAxCE5egOUoDER7k3AiQJhUcXYyB1S33u406SM35VuV1E9p41PCa67u8oUizfzXn4qE5XF6sxKYqqj6+Vd6CuVRE7/8sQB7HwGol8pJm2ELhuTCSE=</DP>
  <DQ>XKX852KZ8alrdestODDpliHw5+pcLwMRVX7MHEK9x7GMh0OXvBtPYjDDUHwT225+xNj31MDJ6Amhgj9J1uFcDML82fhzcaa30f72o92967Rv6kYb/uNSnoRxjrU7xlGUey2tericgQWhmRFBYw5UOWSjiadE+do1yDIQnG2boOE=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>mKq2eBj0TXWdr/eT0t+EdWilhJAf0mKGHOwPynPVvrIjFOHHJ9fX7OLkVuI/tFElJz7fu2xcAgzLmfGcIpvSPKjLWEEjGXqWethp//e5/MecS+/dKcEZGow48wBtgCyCSyoiWdFkBL36PLIB6VtLRzMkF1CqblD/cdD13GAX/Wg=</InverseQ>
  <Modulus>wxuAtMxqrilqiUAFqOUFp13sNNe//QV3/+/g2wk6itj+uCX8fS+nut5v30soXcp+2E7ugctlWJc6j9ZR/gZz0iXeKZYZCGhBcJ5dzWCw4zoF7UAvwE+61dhSItDzaX1nH4LzXdG65Oyg4Ed2mYenmX1zzh8uqMzeKaJAMcLg5n+/sIaXrIT3gyE4EzEcLw1UwVUxf1xC812ROY2A6e4WhUjxi81q/whhOecIYx1qvWgq5TB4hGk5j/FpbCWSIEtp5l45xJyXaq0uUAEhA48n1+s8zpbm2o1M/sLfiq9r3r/U1WJUTXu72acsSk37f6VZCN9gEUUbewjKoaMyRBnU2Q==</Modulus>
  <P>5MgnO3AcNR+N2mgn7zjDxM8K87YRBvV2nJnjx4/+BlivRzoUFrT8iHBGVj8jYayW3ljMfEdzT5AahF2MKbNGEtNE5H7Wo+VNmLDMLUR44sYBb1EPZPbWyWxh4I7N9FqQ5AX//C9q2Chwn3+kZxO95ZCXsolDeuxOXNWMoWPksmE=</P>
  <Q>2lHAbUXuSuuKBujL2+aJsWNKgE5jRpMOjG1wlS218Xy+XB8Q0sclt1JERfMnR+2vQCwm3AitRrAB4Gq877gCfIMD/Dg8LlZ2tbnBggwE8m+FKUFpKchq8DI4p/Sb7D2pASlHna05fSqMtXfw3tLj+nwypY/8LmJNajhp4GSppXk=</Q>
</RSAParameters>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.