Skip to content

Instantly share code, notes, and snippets.

@MidLevel-Bot

MidLevel-Bot/quickstart.md Secret

Created Aug 1, 2020
Embed
What would you like to do?
http://cert.midlevel.io/ Generated on 01/08/2020 15:24:51 by ::ffff:3.232.95.246

ONLY USE SELF SIGNED CERTIFICATES INTERNALLY OR FOR TESTING. USE A SERVICE LIKE LETSENCRYPT FOR REAL CERTIFICATES. THIS PROGRAM WILL GENERATE A CERTIFICATE AUTHORITY KEY PAIR AND A CERTIFICATE SIGNED BY THAT AUTHORITY. CERTIFICATES ARE ONLY VALID FOR 30 DAYS. AFTER THAT TIME YOU NEED A NEW ISSUER AND CERTIFICATE.

Quickstart Instructions (Basic Usage)

Server Instructions

ONLY DO THIS STEP ON THE SERVER. IT SHOULD NOT BE DONE ON CLIENTS. THIS STRING CONTAINS A BASE64 ENCODED PFX FILE, WHICH IS A COMBINATION OF THE CERTIFICATE AND THE PRIVATE KEY FOR THE CERTIFICATE WHICH IS USED TO SIGN KEY EXCHANGES.

In the NetworkingManager.NetworkConfig ServerBase64PfxCertificate text field. Enter the following:

MIIJaQIBAzCCCS8GCSqGSIb3DQEHAaCCCSAEggkcMIIJGDCCA88GCSqGSIb3DQEHBqCCA8AwggO8AgEAMIIDtQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQITxKHvlg+rL8CAggAgIIDiNh6y8j7C5jSL6CtP4Ukl6MN0yvAsEWKDd/J7YMSyZFeWqEE62JDKlzgSvO+LixURcKGWP/4bN158Cw439peuX+A2M5e78rJI6FXRs9/OMezYwJtHAxym6bOtjXRMQTEEFlDGRy4tb8iSIv/O0T581o8C1ld9StZ4/N/eT7pxiCBxP/3X6zR3JxNINmbGozXWOaVgNTS/c8rS42llnuw5ndo33ujnBw0xE1ZSl4G2TZjkQ3RFJW/ql1Xc0TgjI/k9R3YtsHHK7w7CeWAEFsXd08otw9kXt/CZ2SHD2OeopZFqoR7lAKdCw3IiX2DvA8eUiMoNqag0byaj5lDaTQByMc5qrElA6FGr/BWZ0ZCBwSzMCi4RFRHSqtTFFmXCCM/N0mTRepgWr3tW38sS7MD4BwZRjVjuiCYCvV6YT9kSJeEpy8RHQBDdvyHvRVKFdqaQnom43ynk3ykbZXBU269SaIC/Jfmiorxb1t/2AXN1IH8J7mDhNOBWEmUROH3/u79ZvlYlz8ZAy+r/l8PWIQcEUZPwour5tceV4TifLdSDRBcCTUWvajQyiSq4bxrihtocND4bDoMlp2pMS6oceS+xLNNMzH/mBDwQf6aw34vELkMc5rxmuNR3rVaGR9p56YFcN1klYFi0XbzNQfrOrpZ7VfAeuYFIaRpggKB1EGGVjg3xQ2j1mjPnlXRQ9wmsxflbK4Y3Bju5/1g6XaFoD6pbJJoTiEUVXektKnPp2ACKNv9n6AaC/9UbS9NpxNqAj53DsXMSVVj8006f0zrfusxvZtyKWaQ7z5xmx9d/hZYbrxChsc8Okcd7In7ccWg7Ff0pkhnCkRfU9eOahC5LmQ914r6x328rtlZubj+HeWh2d34ZatCOPvRRCTKZaM0QG68ArN8A3fFjyDexPZN7eUaPX8O/y6tVP1ojnoIlNjTLjzQyka7LBU2ug0pO6oJL845VIFTejxuZlGKiqqQzGDcKcKLz/oQNLWuwumASQBg/Ic4id5+s4EUoKJcT0djzdAk+f3M1Bj0UfD7TaCq9v/qC+EaqC0dCNi+BE5yYkeRY2Hk14HC+/UfUmStSQO22MBRCMFWn1xLPKeqTf2o6X1+0hwPhM3YycHk6IQObHFi7HF9iNMftW5s3WXBpX7nqrjDPCm+IoSW/I28JtTwaLOpMHB/XXEdnAGs5uAm/taIbuAghNE0tyVUnBswggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQIRc1B7Ji6/AcCAggABIIEyHN0/OtUY4YQgdbdGsdIJnW3pZT7yyHKKkqVk+BTIgGjCrBbCalpbGuvvJL5xJuJzX+zG7uUDe3Rp0sOHyD5GJb+V1ZyRAZmRUQWHGMQ1jRjObNYSjcj9ZDn5Sk+H3lNk+DMNfbTQW+MvcdGVXL6ufU6HzbsBRrmC3+59ZE+CQajqtOgNuokCZcqirXLkKof1NFYVkjADbkxdXz9OK9CbnmUZz+9A8aEjUWbgWQYnf2S383DaUXoTIg/Y63+Bhep7EXZ25uXjRdG4ZPdoQZ3JyspdiF+7+VZlo/eGhoJArhnQO5mqcQlHqOhZ7u1kJZ6k1aavSyogRyLQ/FPuP+d5dREmaHCmORjP1gT1NxvgDFiGihbn4C6gzUu4kWnC760JR7S0SR0gdeebeEisqHuKXxd5zr7hf6lXfyB34BiN18HXV2UUyI5CG1fOTRTDtEIRw3rsGSXW3wllu0mbQXIhBWW430QYgtAsdUkteMU1IONUTwr3OwjdXSv6od50A0V07UKDVKnOfZNXWwz3t/ixUqqOPU9L7+5bYl9ARu+KPqimLLiak7eBG4mjT6BJBBGChnUqOb5FrSVP+BwnELX6F4bFg+vSgIA4h9cPQseFZEJAWKZ78O9mb1i4k44zIa8MA8mO/IcgW6wn7QoZxEmYSW0fABNNlgWaoHdeK+rmBwwaHkOK3Kfh87fPIo2pNjj0QSYwrLtDEzHUgMuiDm8GkSN5xpcfHjLPiaIk3TLPwS8mN6L6fRZZDeyMbI5EK5pgbge6LzInmxyisjr+QGTI+n4YRcsNtjp8Eo6tlanLZYAB1QIAxIzTWXIOdn5rNw7lIuPvN4ZvnWxGs6NAdpvN4sJ5wpdMewpSdIgUQO5x9HFO7B0HuZAMu4nqCfQwe9KknoORZX1rJ2c1Qwh6CNMegjr19tPlmKwewKqy9jxLtzLM9jkj4WOWHRXp1aCqLEFq9USM4Cw62XkUC3NC4L1VjUiThyZrOKEK9M+3cDCfKRq9v7zGHd6SovU1O/ZdTvdz7klkD5DK1UiTu84ZNO2eNkt+2/XcnyFf+TYdsxb7x140gtzw2PfAAkPADDfzhQscSedl6Eo1b+UueDHq1dMuVW0t0A2rst2CrJr2ijjkZU+fGZGQo/dizOlM8ZFLa8mCLSDvIFQ0UbaWF7odUsEKbymQ8Cd+Sm1ORUrOMnn0y8Z87Yr7kdAjtmZff55gjtp2UaPbNA8Q4s5eEH4yR8qZKjuu6d8knm1eF2jZok/KJFaw9nbCR9TD670rYS2oYXhZrI2qiPUgWT7e1JmUL8dpfpRWlBCiz2yqNcUgyG11gSYl7bkfuEDgjvGs9ewrxco0cIzt5aE/FMTw8Sw10jt+Ui7JHm8qd5R7uPiSNc43cFD6WMMzIDVH8yYbNG4t9vFoSj20lWqjlwyshGqP1p+4IFX5k+RlO3Ra2+nTItHjuNNp7/bqAgQdciN/kEwjQhCKAVqjUyBZ4+8b4igQSEXW7yWn75Diac2ndvJmqmO4G7L7BnJn7MYWxeleVR41ZVzJj1h9mhEezlGJYG6Jj7xxYHp5Z5jyIvfR0fg2XUiZ5uLyViliZlQ8i+NeWctFEHguHm3PNo26/O2r2YH5v2i4pzr8fUpyyu8cTElMCMGCSqGSIb3DQEJFTEWBBRBix5M1mBILX3gWcAkdcSpu/zVnDAxMCEwCQYFKw4DAhoFAAQUIzvlmjQvv97eBWk4Wxagqob8o5AECEk7rVDjmlkuAgIIAA==

Client instructions

To make clients trust your certificate issuer. Please do the following before connecting:

CryptographyHelper.OnValidateCertificateCallback = (certificate, hostname) =>
{
  X509Certificate2 issuerCertificate = new X509Certificate2(Convert.FromBase64String("MIIC5jCCAc6gAwIBAgIIJ/Qw1wYyxRUwDQYJKoZIhvcNAQELBQAwGTEXMBUGA1UEAxMOVW5uYW1lZCBJc3N1ZXIwHhcNMjAwODAxMTUyNDUxWhcNMjAwODMxMTUyNDUxWjAZMRcwFQYDVQQDEw5Vbm5hbWVkIElzc3VlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANhDT9fQfwph7QyrzJBm01CSYPlKFipwy9SOYIoYZBDnrI+10q/C2DmlDMVUcdpXBZMymJT+79VQ17XsTE8I3KuKOHg3Rf77xJDE3gUVm01MYdf2TeqE/3JEgiy2jtg/bJMN6YgVX3lhL0mxAGlJgR48ZCzuugvBkpliniWyeCc9o0Cqzh8Z47wuddlqkqFHt8yCMPGMuiqR8Q5HHbTvWYjNzT36BFvY9b3sE1fVgWa0ulROj59GAwNx7iFiR6cjM8NJHAf1LrAHo+d/N947CqwK1Pu8u0XTUncbOzsb4bvqF8cyh8Vy4BEMDs53oMT7MxBsozkM5yIVPr3zrqaa9CMCAwEAAaMyMDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU33HIsGeo/hwf2SVQDj972qAxt2EwDQYJKoZIhvcNAQELBQADggEBALHXXuUmMz9KFri/EJTA3/JGX2j8dhhPPwsoQK68Okp1tyMWPytvRaU0EBQaOSVKPLZ01JeipnQUfrNzDm6tYqb4dU/yXy1uoxvni0yQYmK1maaU5Yo4wLig4gvZCBwsELtyOb5MNuNQUrhmGon0IADIA3dAQcQICB8wpsmdpW3SjwKDiiohlXEzydPTK3MWlhNmpvsVj0DqgRymtBe0GdG8RXNLmTNmgPSxVbQzQIIEcThCROo468o4xRLGwsmyVSI/exhTvzo/AK1L+ec0XI9sxBYZ8tOw5zwPHogaf/7YVyMb/ppdEsLMdD7wptB4q+WSw+c0gWST0TLcMbjMIMs="));
  X509Chain verify = new X509Chain();
  verify.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
  verify.ChainPolicy.ExtraStore.Add(issuerCertificate);
  verify.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;

  // Check if the chain accepts it. This can mean that it's from a CA we trust OR our own CA.
  bool isAcceptedByChain = verify.Build(new X509Certificate2(certificate));

  if (isAcceptedByChain)
  {
    // Validate with the last added CA, that's our CA
    return verify.ChainElements[verify.ChainElements.Count - 1].Certificate.Thumbprint == issuerCertificate.Thumbprint;
  }

  return false;
}

Details (Advanced Users Only)

Property Value
Issuer Name CN=Unnamed Issuer
Issuer Key Type RSA
Issuer Key Size 2048
Issuer Validity Start 01/08/2020 16:24:51 (UTC)
Issuer Validity End 31/08/2020 16:24:51 (UTC)
Issuer Serial Number 27F430D70632C515
Issuer Thumbprint 0A6C720F835C6B8076D522E460DE7500BFBE97BA
Certificate Name CN=Unnamed MLAPI Development Certificate
Certificate Serial Number 0F287A594318C625D9061EA7BE5BB49B
Certificate Thumbprint 418B1E4CD660482D7DE059C02475C4A9BBFCD59C
Certificate Key Type RSA
Certificate Key Size 2048
Certificate Validity Start 01/08/2020 16:24:51 (UTC)
Certificate Validity End 31/08/2020 16:24:51 (UTC)

Keys

These are the keys that were used

Issuer Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>n9oRWFp6rPf5OhZ63HnE1Jd+KoYCoFhDsdeTsD+bJ4u3V3p0QwpovSMsr2ddyJ/uNQF/GxLdv/VDnOsO9JR+WCWQ2/svN+xtPPznhyaTZq2A3RroOOMZ1iKhfd9q8pje7kuoRLhXm+akB3pX7Xsxf2HwQe4rgqkQbWQhtYeXnJhsjQFvht4fcbWBDZU2tr86UKqAIIjp0fhmH/FETm4ZyTCru23PBEVUG2eDfWeDS9Lc9rNy3rVDyBTOo00ZG0FxAEqLmigpaaC0kMrxHY0ahVhRD1UJ76ouFC3ByT4B97J7VlPyO4BSQYOXcMSlGo6vt0/YM2WXMiwh2jC3zcLv8Q==</D>
  <DP>YWBt26b2+RWgoWK7aF31WbK82873ooNRbgZjiCvmib5Ej2c6KQLhozkxAZ2nqObDhibGZihSohGvsJG8Xr+HJQ8Jl7GKT8abeAudVi9Nd8HWkRYEAzM7mQxPsK3ztu54L365CYQxXEeKwyT+WPMHVuefOe8eHO8KcmyM4m8Cd3E=</DP>
  <DQ>XN7ZepUNxkATnBf29f7tAaHtnRpb52HhVi7jHQ7BdGTnopivmCMWg2oRJ0Czu4ti3LU92QrR4+070zm9Xi/kORm1Jh7FAyeOKymAtS02pL6Ie2VxelowYS8GUPXSUqAlEugJSK+kaLvmKbl09Pt2Ij84+PryNO6laITzFi1srt0=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>TA8yx6ZNakJUIzGPktmq/WEecTDz9Pv68tLRsCQ08W6vkT7hsk8uuzUF3dsXOliTNPIk8djz9rYoZ0X0sjxZ9bYc381GFuhqIJ4SoMcPQUy5pqxllqV1WujyWkFwnW11pDXhcWQTz9qgcmtiOBTL/yyZCealOMwsYTrhEMuZDkg=</InverseQ>
  <Modulus>2ENP19B/CmHtDKvMkGbTUJJg+UoWKnDL1I5gihhkEOesj7XSr8LYOaUMxVRx2lcFkzKYlP7v1VDXtexMTwjcq4o4eDdF/vvEkMTeBRWbTUxh1/ZN6oT/ckSCLLaO2D9skw3piBVfeWEvSbEAaUmBHjxkLO66C8GSmWKeJbJ4Jz2jQKrOHxnjvC512WqSoUe3zIIw8Yy6KpHxDkcdtO9ZiM3NPfoEW9j1vewTV9WBZrS6VE6Pn0YDA3HuIWJHpyMzw0kcB/UusAej53833jsKrArU+7y7RdNSdxs7Oxvhu+oXxzKHxXLgEQwOznegxPszEGyjOQznIhU+vfOuppr0Iw==</Modulus>
  <P>+EeKrWx3Mj3s8pF0/uXsUQgc1A6JDtllcPqtXH+g7DVdwX3ndko0fOGGrlGFheuROB1yJUaZ4PghKvWw90ZA5vaqGKaz7BcPC5+lL9ocRpYX7pi16cNGUTBzV2GlshkrPnSSXiZaW46cbm3PDunF72q/ZeO3IvMWFb3cnRSvWic=</P>
  <Q>3vzmGWdBv+vVdVsDr4If1mwYafHsE5mgIN27XSkTUnkVUFWOnZLfOZ7lJDrQzDqfY0JOL6IDKImIC/t3VBNrG7IQEvHgX48Dnh4a+vtDDNUHCwA5UpQ7kc9ReazWyJCos1/iJN5BVnL+uvUi2N2GG5F4cA9C6wbz+kg7wT2P/6U=</Q>
</RSAParameters>

Certificate Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>ctLAHwpTqHmZtkMccRs9/JkFAGF0drjNccyphsjGrwZSEtPW1yMnaChUdCF+1IyCQiTfBSIxoUVFkRIoaU/uRZyr9mJzPBnfq4qQY4+EAMoF+/IHY0sI/GMiwC7CAEg37Q2NwjqlH/QdP6kPYqkL4f5a/vYN9zAn2q+5SHtgphQ4eVQzRKoKcKjmdvAabFSsANj8G89xOhH4SeTZuXnIcAQGIlnT+8AJKk7P6ZJWTx+0/T6qUwOPK9r1cdCux/3boz7uTxABezvbGyGmukwRo6tUDbRWGqVEMNKxJKF88Z+FyL2uBbEopbuAzwX8HwTAThiunPx/hQOAI8K24fVgrQ==</D>
  <DP>SrO2O1huJ8HdqHGWraO1LNP0ejysN2RbvVt5MfqFPP2rBUtGScJyOSMpXYu8RejcpNE1vzmcYDBHd91WJSf5arh8jzsvkU9scdsW8sFUMpChENQWA6paJmPVwIe6pl5PWdkRooSeps98wwGAe2w3Fk8vXIASoGWcBxFM6+poLYU=</DP>
  <DQ>0460LQyyghQ1/YlUt2TxSmgf/eosFG6xg6Jgl++7VMXB/39CzyvOLZVr9zjJnMC8xAfYLzyNyd0ex6snUSpxT69/zURx1c4j37hU69bo4gwZa2L1jV+Moz/mQww3H125AH5RxZadK3P/pNktixa3LoMCF6Ch63rEXoJyeWHmTUU=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>he7N0Mpw10YvjMLydsuMWh8pAsa6CjkAQzX/PrhbQ5MPRZuVtFx279ASYWqlPlmB3IYn2vQ6qQG4FSq4QPxMQcSReOFDPRlFKGMH8pIhjNPAcR1eA4A7OQKJsbcdunmSpbPVtGyYmGrK4IKUzm49mTrl4syfR6YtPBNWC+TrHqY=</InverseQ>
  <Modulus>1XMi1NHfnrxVIaXgeQBZZqWdW2b+iq/i6k+fmAijHkP1wVkhjCMp3xMyPq4MOn4t+9rNFypVBuIRQWpw2kAk3raimsHvKFhTZmT57FIqp9NCz85qGS9/rDRc4fTCvkdhgf8p3/OBd68PENOtRrx6+MbS5QRe7gdqB5A0G/JT6JpOCsRwb55OpLlRTlpXbOMqEhnEI2rCs6SfToqnyFnavVRuH8X5Q2aHUp8K7hpK9cs+kuaiKVQtAZSnYMndkOHVlpsq3FxRLWT8CSl+l/Pha8VhPpqymli0SM0qpPKv3CyR+eShp756p/eGs8y7O5DiC4lKKLAoh3pDZUy0df3YkQ==</Modulus>
  <P>7Fl9O3qLKYzus5axNyymZ8dDuoIkx9L0LnWWn0bOYsIIfXIEXPJ6sWP20FVY+pnTCOWCfU9po/W2ly7ECo5OY1a5oCRek1qP6+xvATbvKn/vAydDDkQ+MtgIjoo16QZGWSMEt0i1eC245MO1Hf21Iw2KicTQuJgEtGfDp5oEM3s=</P>
  <Q>5zI+HlirbgkishvKfUmw40bqPxFmTNVLcIz9rdpCu2evFgG8BFTIvfW+khCD6Zt8GOpS7isIrQ1zEIurvDgNKDCgxC2WQ0sUC7KIVEPyAJ5wRGwFkWQ7Q03gv3UwFyy2hrzPaYA0MM5Q2s4gAASndjZjGUHfy/DNa49pCZJ+0GM=</Q>
</RSAParameters>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.