Skip to content

Instantly share code, notes, and snippets.

@MidLevel-Bot MidLevel-Bot/quickstart.md Secret
Created Aug 13, 2019

Embed
What would you like to do?
http://cert.midlevel.io/ Generated on 13/08/2019 22:39:37 by ::ffff:18.204.48.241

ONLY USE SELF SIGNED CERTIFICATES INTERNALLY OR FOR TESTING. USE A SERVICE LIKE LETSENCRYPT FOR REAL CERTIFICATES. THIS PROGRAM WILL GENERATE A CERTIFICATE AUTHORITY KEY PAIR AND A CERTIFICATE SIGNED BY THAT AUTHORITY. CERTIFICATES ARE ONLY VALID FOR 30 DAYS. AFTER THAT TIME YOU NEED A NEW ISSUER AND CERTIFICATE.

Quickstart Instructions (Basic Usage)

Server Instructions

ONLY DO THIS STEP ON THE SERVER. IT SHOULD NOT BE DONE ON CLIENTS. THIS STRING CONTAINS A BASE64 ENCODED PFX FILE, WHICH IS A COMBINATION OF THE CERTIFICATE AND THE PRIVATE KEY FOR THE CERTIFICATE WHICH IS USED TO SIGN KEY EXCHANGES.

In the NetworkingManager.NetworkConfig ServerBase64PfxCertificate text field. Enter the following:

MIID/AIBAzCCA8IGCSqGSIb3DQEHAaCCA7MEggOvMIIDqzCCA6cGCSqGSIb3DQEHBqCCA5gwggOUAgEAMIIDjQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIhnCzlSuYqm8CAggAgIIDYCZ+pwv7tH1LLJuLe2cbNwvWhRo6kR3c7o+FHCh0qXbS82FRABadhaBNcqlXO2pRKqUAopoRnjMUDMl8e+PMCOMH6TnoqN6l0B4wOfkFrwjFOqFsomuyRJRos8u0DZkSq7RCFF60lgIt4dUtjYjOssNIiqxTWms1HwMaE+vwC1vsaZTlOuvapc/YQ3unccXUq82/uETpB8jFwIt4L1JtewoJBSxeI+Xxd55hq7qkuwd3jYoA5BcX3pTIxbN7ghwG7sSf2XDsTBFPEeOjk4jKllqavWgD6Z/ZX/kVFOOu28y/zjwrP7iFnW70nDI3v3dwmipjMleMI7czdHDMQRgzVuB4AYlNZ/X95hMNM2IN39fvdYftUPDpVU8PgjaqxRU+kvbdMgJfAYbJhMRLEXiY4M/r9+oOQ9rDgEdjeSlNTr06f6iNJAj8bjKDnryuvdemSICjfZFnudqEkD9bq6xRL60tNteCGo+y8W1+uwysHFfqSdrzoNDAAAoFijhoJW8Ou6YAJDeUyHFI7h7mbptkyReqHLyNeVxnQrpLlz775dbTbLzIkAuXKoVC2hT7/kpGMb8yfDRcZos9jcO6I0cLGSqT9hkGQqx0uGM83cRCAvLimkle8xOqAjilE12s3bPCyWHxI/PqV9D8acL287Gx2AmRAws1kLxI8wI+488vfh54h3Tc9iH+4cmompqPFq5gQ0QtRPh+qAAkWsYz3xKonFGEFdRSACsj2YxcsLVVRKbyPWPT9B1keSudJrLE4TNL+pagHUL8VaXwt3yoaqQV32JEjJ3A5DEPzah6H9jJ0jyJy/ecYeKRcYfHzk/fFdRsznAsFxXZ9iRu6GMHagHzS4tjb0l0uARAAMy0sSKPwE4kuo12YxwBzW9VWiok1B5rcDGtZZXS5XgnAQoSdjnPBaFmZeFcTA5P/GpU+NorCfgP8vB1Rw4KKRSfF296N+xNgP2GymnLcNjbc+arQLzemiWKHcLWedWLNI4OsLXXQ/sGyDnI/dgSxciYv3mPLZPFGQVAr8jMlNxG4ND5WT11K9sI1sfyakt+c6KhFVme5glslwX+JNm9h8BCPj8MHQSiqQF6R+LS58OSHiJBW/Wv312jzUZ9ZYdFREujPMs4nbNXCgXOrTgHSiOa4IsrN7xTpzAxMCEwCQYFKw4DAhoFAAQUenXEvU/ztJ+Jp2fh6QqrmMig4nMECKp+vKA/RV8HAgIIAA==

Client instructions

To make clients trust your certificate issuer. Please do the following before connecting:

CryptographyHelper.OnValidateCertificateCallback = (certificate, hostname) =>
{
  X509Certificate2 issuerCertificate = new X509Certificate2(Convert.FromBase64String("MIIC5jCCAc6gAwIBAgIIGUF3vLhYf/swDQYJKoZIhvcNAQELBQAwGTEXMBUGA1UEAxMOVW5uYW1lZCBJc3N1ZXIwHhcNMTkwODEzMjIzOTM3WhcNMTkwOTEyMjIzOTM3WjAZMRcwFQYDVQQDEw5Vbm5hbWVkIElzc3VlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMDVlVEt0XuOdD3JldvMNslv5rGwWtKQZrZyhmm91WLUi/rHraNUlTz2gqOBvjTq9ym3tX/VgKdlN/4TeIa3z8GaPhnYCorW2Eo+XCKhIdeKf+ts5Q8bELyzB6lFgZv5gf5Q2AIvCGWUFgrJEqEEr9x8zx9iHaHmFWWyDxH1OnPl6uNWAI7DIKAWobPGGHSeh8tk4cZeUyOP/8iIq0AMOrk4AxNPreofojN2vboEVo9z8rgynTV1X1GIE3X8kaMmkNlYjTh4adnvoz8Hjmndu96wysbZt/qDcXLa5GExtfExUkEyYmg9bdxWH7qQJFBbqDnBImjTl19ArIm5q0wLRDsCAwEAAaMyMDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUlsqeY5QqpR/QZ6RH/OIlYW9SaMwwDQYJKoZIhvcNAQELBQADggEBAGd5aL3tDbegv2SRkQ6OsamFj+nCtV224HGWHzqukPpVuwAeBcA3mUEnWE4SPlcjXYJtEQ0G2J43U8qVJynnmHp4LXXTPqWyc7lDLQ4qFFlfBOQ0WGkZAXRlEMBgwdPu96lqL401jhlfL/4X6AFti4pLlEhkkq5Y36FsrGfb3AUXs5l6kclaGGHM9ZZ5gGY0zYoPdbfoszH7FWGpypmdDq9EprH8DydpTnG+r8iDWgObkXm2IqvrlyYwuYiM9MquRTMsl/SjpyKEX4L3WOXys0iocgzQ01fh5ztKWOPaCJ/FszueiNpE7MvDDPW/252Fch4f/Rm9ESZEZd+8NB4JHzY="));
  X509Chain verify = new X509Chain();
  verify.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
  verify.ChainPolicy.ExtraStore.Add(issuerCertificate);
  verify.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;

  // Check if the chain accepts it. This can mean that it's from a CA we trust OR our own CA.
  bool isAcceptedByChain = verify.Build(new X509Certificate2(certificate));

  if (isAcceptedByChain)
  {
    // Validate with the last added CA, that's our CA
    return verify.ChainElements[verify.ChainElements.Count - 1].Certificate.Thumbprint == issuerCertificate.Thumbprint;
  }

  return false;
}

Details (Advanced Users Only)

Property Value
Issuer Name CN=Unnamed Issuer
Issuer Key Type RSA
Issuer Key Size 2048
Issuer Validity Start 13/08/2019 23:39:37 (UTC)
Issuer Validity End 12/09/2019 23:39:37 (UTC)
Issuer Serial Number 194177BCB8587FFB
Issuer Thumbprint 20E04530C864627253995294AFF087F2D011C9DC
Certificate Name CN=Unnamed MLAPI Development Certificate
Certificate Serial Number 00C98AC2BEF4957D072A970813DF14A9D2
Certificate Thumbprint 95C13E31828E111A486F3C48D2E2438856A34118
Certificate Key Type RSA
Certificate Key Size 2048
Certificate Validity Start 13/08/2019 23:39:37 (UTC)
Certificate Validity End 12/09/2019 23:39:37 (UTC)

Keys

These are the keys that were used

Issuer Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>Cy5XMhXOB7QC2XJO1ifJJXTvk23+Vic5TWrmkEsJjGl2lFvvnYDSBm7ktEZZmQfmvOyCAZ+Hji04SesnGeiei0M+RpFYSySZ9fQXs4pURAMr16LAxVd0aPyYfSAim8Cj4PMfE0FW40zq2kU+Z0e2SrqR5+fwf+qvYu4oIYpukTmxtC8lY3seKqVrdr+Df7BKRzoZx77mXekgqrICfEFh2r5fUosF8RFTOa3XBNiJT5D3WsF0zN1KziXhr/Q1xS6mLshORzXX1ilPDObYscfZRTnT6hD4Nya4mS91sAR0BKiW6x8QSrqdPptSInL90i67YDz53PrMIXqdxbPbOT7DwQ==</D>
  <DP>iuGjB30pE8lg4/8DWnEPa6K3LwXiDSr4mY/DB9US5n8tk6uzxxr6iiupfTO3DyZPFDUA6ZHhrAtY6aNjMdUBWqjuEHh+2+J2vsM2ltRbbpuWtbzr65bWq3NYXimhsgPAdlhISnmdC1JMJhyMa+4webZn1lEpy8V+rShaSaSRMtk=</DP>
  <DQ>abI+NaZ3ofljXXXIrgxTpkWZn/N/BxGfUeMWABjZh1sNyo1gfNGNJYfw6C3sAcvy6N2KHPptGxPCpJE4lZmNkxkbH7aRzB+jy7oRA49D6i0LxZA4mFyt41KkAWl75mX5yXTCI0uxsNMLJgLgMwwqnNyC7f8gFDC+X/azg30LFfk=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>gcO1UbKnjQ8FyhimATA0xjck/W/MGWi11q7zdctfy3ul4EbyB0DWHymSp9uLD6QMUlDKexaK2eybMpwPsMrc8Obk1R6LFB7iJyvXrkp6THKqpT1AuTlXpzUjSlZXxnwsGS7XHDDZ9bJixQslhb0KY8xGKJkRINTQWrmIzThkTVg=</InverseQ>
  <Modulus>wNWVUS3Re450PcmV28w2yW/msbBa0pBmtnKGab3VYtSL+seto1SVPPaCo4G+NOr3Kbe1f9WAp2U3/hN4hrfPwZo+GdgKitbYSj5cIqEh14p/62zlDxsQvLMHqUWBm/mB/lDYAi8IZZQWCskSoQSv3HzPH2IdoeYVZbIPEfU6c+Xq41YAjsMgoBahs8YYdJ6Hy2Thxl5TI4//yIirQAw6uTgDE0+t6h+iM3a9ugRWj3PyuDKdNXVfUYgTdfyRoyaQ2ViNOHhp2e+jPweOad273rDKxtm3+oNxctrkYTG18TFSQTJiaD1t3FYfupAkUFuoOcEiaNOXX0CsibmrTAtEOw==</Modulus>
  <P>9uCSfe6d7xMO5ZXlWKjwZTnf2VExbrehmOcP97lN7tmBM0DZqZyiIRhUDWxvOuRaEDF5gTMn5d77geB7Pr6c0GHT50U84opH8fWmPwN80Aaz7yNeaPPEWw9GXSuiF1Alu5FybGPuJbarwxEnlRXVcskLZIYY66LcRbU5+tNw9Lc=</P>
  <Q>x/XFj2Ih2VBtLyuwoasWju3scW2Vk0FjcwTcmLIjNPXLsQpaf3IwJUhV13ccgg+7GlN37TvUO8aUIAMNmnqbT3YAzd1loXMl/noG7c7l1fGmArgr7gH3sZy0ZuhY6gG+0S6J1hkiAxRhjdsvabFTLFj49/XRO1jFdnAlFXMUUJ0=</Q>
</RSAParameters>

Certificate Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>iYGuUlh+r4bYddIEPuGxO0WcgPJNBslsLdqaBilPJvVOqbDNVlvWF5XurkpnY19gCXHUUTcZIxHBR33aea3VB/bv4T8dgI6TRZb5wR9xF3+7SM6JfJlI8rax3yRCXhsiwnNUt6vT/JjQ0IbbDkTPUwPEi109fpDImXCmdca/ZPzIsU9Cf6EbriDqse4YRUXFHO905/DOLyJKLT6fz+V+L/EKQ/EX2o02tzJh7185BdyppXwCyrunIFjOAFfGeKa+nlW1TOHgBrWxU0NJ4UwazTTy67Rzz2zhyfDSqRspfNojJHmf3y9bQcgnDMnfYaW/W2lnPawOt/8VKE+iDoByAQ==</D>
  <DP>9Jpt29koikWsthqG28Fm9NMQJ7Ewgr82JvlQNlwk102To2GfMwaV9gxDi/2Q87gDHSee/MIY9E5a/aKvvqDuzVu2IQNN35ifiHrqowkiCn6Z8Myl8LoM4nNIbVAs3cMWa6HMeaapH2TswheQgI9LTAtV0RInsKPlFGeeutkj06E=</DP>
  <DQ>AS/LZt6QCubkbaLt44+6vze+rBjljjlYie7DpiwnTegOb03bDUBbLTz5OO4sgB8P7FrwWjNhnKIndBHrtQKTM1bA7nqB0PsPIWEj9S1XoIjNYBB6eZ1eXRmUOBgDAqBv8jTjl5r5J4mEzSz3Fh27rN6EM/YKaNtMdqTRkzPQn8E=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>3qKAgWFcY1x0r9saf2BU8iNsXXvYCQZqh5JtdwnplzczG4P3kB7hlBRPF3fhhkhTKgvYz6bs20oV2YxoDQaxJxZchO3SFxgwm6mbQpgqGvI0z//vxTCyM3W2dGESlphSQ1D8qqBqPivg5Kzek6sgqjw+gxB6uftd3atk30TlnIA=</InverseQ>
  <Modulus>4D2CGi+nlW0Hpff2HpAq/cad9+PBRkpEsKwXwKBbBGKx/6POaPxvhfmre8Oy7v8uTYXVXY9KVvT+qFEkQWJe+e984T0riyxvu17b2BsF7h48v5JzFrh2GdWuWPcQ6JFYRg76IhiWFNKNX3jtM+cDl3LjOi7JhaIGBwperK/y0zbVaPNo+/psCPQVHSIKqkpC8KQfTykgUqGpBuiU7aQTY93WmUq36SIxcyUi8WI2nVKG/oZZNVaudvVmThFsycD88HTer+39jFq7n1x0qV9NPvlq0FohQ5QlsDn/DfPk5zD5tyf2dnXT9XhkfPWrwKHJIZYYWo41qVLZhUUBMezwmQ==</Modulus>
  <P>/enONyiO8JvM06Dovg+QwnrJDS8LnvlYdjSQYmer7qesLoGeyHrZqvhoW2rdpO58gWCpFuoWGcUasGjlm69xlgxjvIhmtqQvqEM54xiRmcVzEQyOjvl+khbluAEUTng4LdZM2HpOWS7VlxgB2XpZ2mn4JsOw5Iv/SZ1qIDpBRTE=</P>
  <Q>4hVGcpQHCx1E280KyKVwVTQC2/VSscl/do0ViMiKdpgRYnLel1+TDATOz+w6RCPBDgl08OsF9uVGHspAsVOBbJ33/JsCmHcnBiexWkUQR8Lo1LpyrIjqBekq61WoqUNnLUXNw2XGVVaT3ZgCSwdJYOMHzBaZ+FdO10eazm4Cp+k=</Q>
</RSAParameters>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.