Skip to content

Instantly share code, notes, and snippets.

@MidLevel-Bot MidLevel-Bot/quickstart.md Secret
Created Mar 26, 2020

Embed
What would you like to do?
http://cert.midlevel.io/ Generated on 26/03/2020 05:08:16 by ::ffff:3.215.182.200

ONLY USE SELF SIGNED CERTIFICATES INTERNALLY OR FOR TESTING. USE A SERVICE LIKE LETSENCRYPT FOR REAL CERTIFICATES. THIS PROGRAM WILL GENERATE A CERTIFICATE AUTHORITY KEY PAIR AND A CERTIFICATE SIGNED BY THAT AUTHORITY. CERTIFICATES ARE ONLY VALID FOR 30 DAYS. AFTER THAT TIME YOU NEED A NEW ISSUER AND CERTIFICATE.

Quickstart Instructions (Basic Usage)

Server Instructions

ONLY DO THIS STEP ON THE SERVER. IT SHOULD NOT BE DONE ON CLIENTS. THIS STRING CONTAINS A BASE64 ENCODED PFX FILE, WHICH IS A COMBINATION OF THE CERTIFICATE AND THE PRIVATE KEY FOR THE CERTIFICATE WHICH IS USED TO SIGN KEY EXCHANGES.

In the NetworkingManager.NetworkConfig ServerBase64PfxCertificate text field. Enter the following:

MIIJaQIBAzCCCS8GCSqGSIb3DQEHAaCCCSAEggkcMIIJGDCCA88GCSqGSIb3DQEHBqCCA8AwggO8AgEAMIIDtQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQICf/X+GfMN6MCAggAgIIDiOfi20OFzaRC9cFjx5qjSiDhetRz/02i07DFQUHS4wfxfMw5ktdm4JcgyfF7AsqVAFZRAZSh0WAoYiN2LiBMJdgs59maL5pPyeF+/cakym+/VV/Bxa74AolSqegNRg9OPIS4LzGt6KwUVku9HSxjx1l7ah1BfYHQ9Eqyvy+/Q2asF8ZJF6rwbT3kEBYJMwld+soVRjc53HPdMSupTIMy6E+iPhMwZkDViBsHKrqTsZtPAvonuDb4go7WMt+pWC70MpbexZRHT7mISFO9kxm43gsCwPhorTBuogozAdO5LJrU8wPa4N2BTHHmm9RKomuxMJjebcebmhAepBfu5BAjyGpzvoAf8FoNzCs7YnPQCKnrb1HmihLc7VwNUeREh0esz60h/mTfj+xLyN0alCdLz0t3NbduhO7FQGBzCcxcXMWQPN3s+eVOyWsaMnfi8SJEs92NZF1NCdFDNVcz7W0gujGm5ioMPOTQAYIt2L2rMoR7dR1i9+ev4n4o1vmlfazFS8j7tY+xTqBjucGZ2mzvGOhga7h116rb0Gl96IdVs39zhwilFYI1h4aGGZ+A1Bq69utrfiAQICcFLQk4QqNRFz9KN0BMzSHWQN8Cm/IlInLi/xbtHRq6XPW9MtRup1vkEroRCKLmJpNCMKfChJoS5ZQQTJZlPPgcn9hLDaO+EU6axFFgMsawejQuwY9q6DjT4URp0iVmaIbKmgY2xxDT1NPDsbMHARQucHT6hBNxi6HegDEmD/SvEzg5OuZdNVdooXznOnW5bTpqX6roj5sorpgpLA3rfm+yVd4aJw/A6vgO6+wbxR7VlNfaJ8ODcqEFY4UkQ/6UjtAFpZgw26moubI55fQCxVba6GY81/eZInUA22iZYiP2EyHmGP8EvuPBPSNhfmPRU/4VPfHv0Ddz3r8NkOwwB+YesvjDP60Sg/k7YOviF4xdGNyF7FJH5WGMBPR708AEUD3Yb/QCZ9Q6C1YMl2Y391CpOhMbnfiDxAX4VQWCJILXcYqD5dqIr64WAr41kOHhmr7qdU450QyjyqY54+rBR4nhI7RZKf1p1xLq8CSx41eji2DoaBuD7TUFEwUs+ZMsMoE+T+xfwD8IR/g+JXT59/Q5k4ABP0dNRz0sq5R5JnT5h6vlrE1gxgody2q53QUaPZFOVHKmU8PNdpE/V3H/n9CRlTp569xoe/gVWpWSh+mrv90wggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQIDxjXFs0aG/gCAggABIIEyO0ybDRo8ZdEk2p50Jy86CAYevio5K2zqmYlPtbkhuNB56D2qRfS0kKpJjCf5LCpAWcEf3n7LZzmSkBcu9uaSHIOQuB9Vu80AkccW+zTra+0QLIf3SvRjrLv18p2Gk+vzI41ZvydM1SkSnUJmL/EtFgBdSIOyqXEA60BY2IMIWzyK3SyE6J6a2rhUmANZztWnMUNyy1EQrUZAV+Xry5xGBJlqm5eVA+CfWrKtrG/R/th9+Y9kWCN62tVG8M7CFgfHS/0XxyII3VYW+O34a5Di8R9pBHIFgfhuqWIteNGWIla0YnN46rkL+chqnCnQFm3mvwP+5GOg5ptsYFFk46km8yBxN9SB1hggMkBRfsgJxTDWGn+H4P8fAUJ+IJNRqspWKCTXlS9XdJMh8VKIETtkXG3YjZiSbt8EBpbQ8CyRsnS4ml7gTUSp8QlmrKSbAvlJ9mBQRyF59uIqLoAJITcy/4991VwiDKuTni0LjyEx0UaHP/D1z0Qn7IDCxuSp1DsPhDTBlhK11UXYwm5KamTV5T9hurRDZ7eWhxZDCQaudrinJSBW3xJPf1Qa7rT9Ubo7dTRve/aJ6vU7uEftqxybkUUS/fNlT058KsOJg46wOK//oJg2jtMb2uxdrRm5pCRbtHWTIHD9iSgnAfH1wSXttWoIPg0BstsRbM2+zKX98jz6Hla+jDGb+iUX1vJo0F8D1NoJjFFdeVzQlRzhVdJwRb3zNRMYLIWKO7etxipogKz0jrlW3Zb5l2UirQlkH6nTQs+9eRRega2DHWBQg7Q1dOOwfPVoWnp8MSf9Irj2uY73OJjVEhQ5yACrtpOmE0GH8gU9hk4qV/zBSjNw/D0ZfTEARmNokovFTUdkJfLFJPWioTq1pR+fJ1uzp4UKkCSww1Pl4R11Q3IwKvJtOc7HBUUC3nYcTIUdBsHsFUgeV5wGOBLTHn5jMSSLrvfTBiJbyErW6rGWJSMYVmkPBSv3U/b/2dkcfEXeRfy1ndNoh9VtHFfFLz9w89D09aX8fFGOorVtfmzCp5sQZpOVPv4sU7MzfN/TrCBi2CC+ZOZjMHngtkwwLCI0FkCWGp8ysbyQjMVSjwXUf9aWmYah5MDCJ73IegP+Gj0Z6CKln8o03TglTQkrBWQ6G9RkUgXjEJpHZdjkhXYuyAWxcwu+OxaZhctEpObWO9nZ+hDYUWQeBSrOeuA4oNg35spPm2bHlc157Vdx96s54XGoRulT8L4Smpapwl6VpQVjiJr33A8scs5yI6hdZAmvxD3+tKc9uTbC0K6XCheMsNcSpIkDP1fHbGwSf4yCTiI2vLFl7HIDJRmZfpvEbzwN933Ce+v5VElo5upu+jI2coycPnOpbJdTPEYa+lRy+xg02rClgVBeoZUmDxAwd3TJYjZ+bTw2F6LWHt1NZ3LcAXeYQIC46Trio78xUAotoIXmnMHj4L408L65c4CLgJ5q1+8PyFZhiihkwUZKHQqDI4x+HQoYirtuQb7ljQ8h/eBzJ67GIs7dBfxeZM7CPFUuf7xajQAKV97QRhDuB6uRXVBY6YlImlVbxk9J+GjZnHqxvbXMTNuqEu7OwkETEx0k+HbLLbXpdzA7chNVi/xTMUZ796ljQxDqxpOAyoM49hBpzElMCMGCSqGSIb3DQEJFTEWBBQiLuip7NJyO8XHe22s2obZa2Xl9DAxMCEwCQYFKw4DAhoFAAQUpA+Pw/9wceiPkKtsVEPER8wO+jYECPDBWgp/+To6AgIIAA==

Client instructions

To make clients trust your certificate issuer. Please do the following before connecting:

CryptographyHelper.OnValidateCertificateCallback = (certificate, hostname) =>
{
  X509Certificate2 issuerCertificate = new X509Certificate2(Convert.FromBase64String("MIIC5jCCAc6gAwIBAgIIGusIczSgFfYwDQYJKoZIhvcNAQELBQAwGTEXMBUGA1UEAxMOVW5uYW1lZCBJc3N1ZXIwHhcNMjAwMzI2MDUwODE1WhcNMjAwNDI1MDUwODE1WjAZMRcwFQYDVQQDEw5Vbm5hbWVkIElzc3VlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMJlY8Yb8xkAmFhQa1qQO+6Arb/Mzg2D3C7nT6bLRw89pLarYpcEN+6QtuYEKfB/HlOp5VnYJOeLj67ZlP9eu3GcVeWVY2fJ07mo18O5ePRbUMKvTUPfLoztnwEzdxxVuLIUnE7zpzeWhqNJI/Y3SXFzaCuAO9c9nblOSoBoDlMD2gK5YfV2MPlF/brv2mUjHl3ootG/7yrVahpAx1i9D+aH2j2m62E9Fiyow1uACS79M84OhITyQuq75Lq53dX0apXR3N4CO48Sl3/KqTLpSaJHXziKl82aiU6hpe+wXTlWpBinV5A6OPm8JNdLK9+gaOm28xQ+1iirqhcsy9QK9TkCAwEAAaMyMDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUWAidRDlHX0WkM3d6ZTyfSv+jYcQwDQYJKoZIhvcNAQELBQADggEBAFCCyEgGpSAuhXThcHUqdqbELbb13yhPFHOdG+KgbxXDfhZcYBuv/gyBUQbSAQUqJOjJ2viyc07V4bDwrb5gVXOPu2u4Gm8wB4qaHy7xL9OORwR08ZIcrsaANhdZwwzKhAVFoRYwREFu+tejsIXU46CKDQRo/0ZZN52cqwRM5Ndlzxuz9X9bIWKQj3Y6vqrDL3CdymjbQ4eQ82mz7gL11yjk+6kjO2O1l35M6LpOc7ycM8X6HSysLx+W5j8ja94PROAsB/rnWtO60c9uJocuGwy3mQ6lNMccfKQttjpnoqgRh9otosIRVQHl0JNgrPnTAx8xzG0Djip+lJecyX90U1E="));
  X509Chain verify = new X509Chain();
  verify.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
  verify.ChainPolicy.ExtraStore.Add(issuerCertificate);
  verify.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;

  // Check if the chain accepts it. This can mean that it's from a CA we trust OR our own CA.
  bool isAcceptedByChain = verify.Build(new X509Certificate2(certificate));

  if (isAcceptedByChain)
  {
    // Validate with the last added CA, that's our CA
    return verify.ChainElements[verify.ChainElements.Count - 1].Certificate.Thumbprint == issuerCertificate.Thumbprint;
  }

  return false;
}

Details (Advanced Users Only)

Property Value
Issuer Name CN=Unnamed Issuer
Issuer Key Type RSA
Issuer Key Size 2048
Issuer Validity Start 26/03/2020 05:08:15 (UTC)
Issuer Validity End 25/04/2020 06:08:15 (UTC)
Issuer Serial Number 1AEB087334A015F6
Issuer Thumbprint 0FDC4924F81EF61A67551634BA40F946FCA433F0
Certificate Name CN=Unnamed MLAPI Development Certificate
Certificate Serial Number 2FCF881B99C86338C885CB139706917D
Certificate Thumbprint 222EE8A9ECD2723BC5C77B6DACDA86D96B65E5F4
Certificate Key Type RSA
Certificate Key Size 2048
Certificate Validity Start 26/03/2020 05:08:15 (UTC)
Certificate Validity End 25/04/2020 06:08:15 (UTC)

Keys

These are the keys that were used

Issuer Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>dYJUjazXhoWVkc0LF/OYRtQCM67Z39GVh8TLoUe/7LaWmtV/A0rJhKx14xUhRP+SlYBd47GEnXL/p/Je3v+kz0hxpBZpwJOAKPqncujq9Ms+RnExg5WlzgrV0yQJHFe1DfDni9I9gpy7RnkwA+Xnv2zDy4f4pGPas+lfn79G6WacxG1eVh/9OKxJo0hk156URWeBrgDKCNchM3rFgcDkIB+ZsaeZWgRvEi5saYjKRcwZbLGvBWY9AxmlzwxYWGMDcRVFP/PTXPvog4bHkYnrLNvKyvD/CX2OVozqickVX0XewQJ0mg0OePzE8bKjN3gl3OfW3z+w+m47GBg3ac+/AQ==</D>
  <DP>gzorca/Pwv5EF2njWKoSUpAxQEOEVdRlySL6EmzPzGl4b0KLf2QMBMWEvLkPZAENxevxAHC9XAJNDOCwYiFhVyubAxqlO1LuzDZ/evyZlAr8uZyzdYwCBf/CqCCyf6enX8RKvhS4hw2mM+BXHxmsPKC0+KCr/lNcj36uL6dvGp8=</DP>
  <DQ>qA3fTlvwkOTB1Z6eaNbkLdwnh+0smGTxcNN4hhaa4ePsIMN7BqZpKsBmU6mcrXSC6l3WXFqyvbuq6b/x/V3gMWMylnfLKKOO2fIwjIGsv8lertzWksLfJ8GJu0qJFKVwNPAEFi4u2s08AueepHQG96B2uNp7SR0xZFCvzKY3s9M=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>SuYXV6DN2dp+Xo4xgkJ3uqAKwSaufsl1Cg14QZGUiSnxZjm/CYcVOdHFF/qLaZQOLq6zO/ocpr/hr+GrDneuPsZ7jzEhTBpvSu+F7R/MlJl69dqHNNxHFlIr5QLtEbxU58fbh527HJxBd+TrtmZivEolqilE+AqLUQ0Aak4/6hM=</InverseQ>
  <Modulus>wmVjxhvzGQCYWFBrWpA77oCtv8zODYPcLudPpstHDz2ktqtilwQ37pC25gQp8H8eU6nlWdgk54uPrtmU/167cZxV5ZVjZ8nTuajXw7l49FtQwq9NQ98ujO2fATN3HFW4shScTvOnN5aGo0kj9jdJcXNoK4A71z2duU5KgGgOUwPaArlh9XYw+UX9uu/aZSMeXeii0b/vKtVqGkDHWL0P5ofaPabrYT0WLKjDW4AJLv0zzg6EhPJC6rvkurnd1fRqldHc3gI7jxKXf8qpMulJokdfOIqXzZqJTqGl77BdOVakGKdXkDo4+bwk10sr36Bo6bbzFD7WKKuqFyzL1Ar1OQ==</Modulus>
  <P>5wiwvY4jkupoD+LOGMDoztNN8PjRSwqDLzBjgevdildw9hxPtIOKhGwXQo/iKSRRAVNH+LHaqZnFt8LbhcrWHYlpndH3jgGfs3P669D263ZFT7/wuIXMQbrVq7IyYlDoxaVA2MMwo+HqGZ0yW237GwbP/ISKKvMuKHkvoE83M+8=</P>
  <Q>12cmm7IwlGL3jjV7cts15DG2xY9M/JFs1yyulURNSWC+1zKzyG6rEPxYcILl6klkCMFsn1Hrvq8b9bNOKroWrUfNOEry+sgTu+74Mq3uQN42OWesATqX8qpd9fUygkxWTuW+pyWH338j8bLp8hWoAnsB7JcBEw2V+YL7al5RoVc=</Q>
</RSAParameters>

Certificate Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>I6M8ZpWb631KiXIgtYwcl4WUF4rNYMf0lrzs2RKBSKEVuwZp2NfH8pjqhztMaI1rjnMy1N2vHzz9IQHkcZiaYKiRgGzUlZmpisSI2t1iJITgBisqxRgekXluD1SIG+jmfaTL6vAgsC3//vcw7PkSVrfErK5qFPWG6WnttpsVSDpF6r+9YqFbjH7UCa2VthB/P18dp7I8YhVyKm4dzQcMxROdfBFaGldc4dwCQNhmq7ne/zYLcEC+wguqhpltNVc5uqKdUpZo/CFHp94+AeKfmm7SlNqRSLPzuBCjtgj9WMYiJTDfzPhbZAe9wooBQYil/mDRpLYJ4G2nBhf9UsVS4Q==</D>
  <DP>r325mEr1iaN45VgI4jEmNFxt/EDZCrozWHNazghEd/DebxztwB2CH6nEo1XEKAU2G2Borg1oGldLBjdh+8Ah7uSoXvEooqsqFSj4nvmSoer+jTpn3aD5dIwNyLZ7QgDxkUWg5u4Xkr9bpxU4m+hDrEbfcMSX8Ort1HBkodZgcQE=</DP>
  <DQ>PeQjGPK4ii3b6SG3UywQuUAHJQZIccj2DbpFPIwNwdcwSJLwADGh639fCHtqf9lnJS5m9oymdXPiTfY5+a9gN9rTdo1bnflhH2bWWHPu9Dt/Ychcprf3+fLkGgWtkXPRb6Q3Dxc1pjxG8G9sWKcUotk2X3TN9b9dm20kAxHowVU=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>lFgAwhJ8VTX9mffpO+cOFR91GfW0MCGOZ60A2/7a7/3QZHe6k/SzLfql+qswHYf5de5rdsqimYqgeRwwtcMMvf5Q8DOdgdePc+kUIMRN8xnqO8zKH5eY+uanwKoDs7isZJXpjcMK9WXfaoZh+jWhvrOV4wvURCINwmdHXXDeQQM=</InverseQ>
  <Modulus>3LvYdk93YIpX/QQXs9st/AlIAVQALvgfIXLv6SUZNrZWR5H8QY69yhFNTez5fPWfju8egrXLttbOVDiNkp5gFPmkCYpkRYpYtO1J5iqO10HYikZtm0bCm/Tb/jlTsuSY+Ddk9Nj3LS/7SAG9RqvoemCeDFEqiuoNeYxg4w8FnuFrFijU5kcrW6/e4eAsgHI65t/PkR84JXDWNX+Kqo8ZtRzEI4n/SXoYrroN0h20n3PJ/2NQU/99JPZji/V+8+coC43QrkedT6oe5FUjrhP2nEBLBuIA8yVEjYzfylZKzqEt3ootbjic8r7puyNcbrbctRM/ckZSY0s0N0Wor+6e+w==</Modulus>
  <P>+a2Ib7ViXu1uCvE6vm7XN2liCa+Omks3JR3lJ2iVYuiPhDKqtaMAm1HrQ/4V3Kl4fVL8FDf2+SZary9wlv9dXD8VoKRdp148pSQWzsAqH3bjad1CvAaHz6iEEoTeQfUVLNsFfnA1W0UrsgWwbE8i4byp99eAQL/hw4ZRusrtdPE=</P>
  <Q>4lKwy7evvHEaWqRGHoCOO0LiRobc8p8fb1XGj5o3OIzQi3WCZs/V6BQIrsIinTz6lJOzKj81FM11la01VeyLLGjzMUq8p7W1rTVrQ3tvVTJq3Q6wtcKPRL9hHdJ01OkLODeh4uSOdj4uZ63n8lYQ4gBNmdQGb4yh2bNfOJBhoqs=</Q>
</RSAParameters>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.