Skip to content

Instantly share code, notes, and snippets.

@MidLevel-Bot

MidLevel-Bot/quickstart.md Secret

Created Oct 17, 2020
Embed
What would you like to do?
http://cert.midlevel.io/ Generated on 17/10/2020 23:50:08 by ::ffff:3.92.8.33

ONLY USE SELF SIGNED CERTIFICATES INTERNALLY OR FOR TESTING. USE A SERVICE LIKE LETSENCRYPT FOR REAL CERTIFICATES. THIS PROGRAM WILL GENERATE A CERTIFICATE AUTHORITY KEY PAIR AND A CERTIFICATE SIGNED BY THAT AUTHORITY. CERTIFICATES ARE ONLY VALID FOR 30 DAYS. AFTER THAT TIME YOU NEED A NEW ISSUER AND CERTIFICATE.

Quickstart Instructions (Basic Usage)

Server Instructions

ONLY DO THIS STEP ON THE SERVER. IT SHOULD NOT BE DONE ON CLIENTS. THIS STRING CONTAINS A BASE64 ENCODED PFX FILE, WHICH IS A COMBINATION OF THE CERTIFICATE AND THE PRIVATE KEY FOR THE CERTIFICATE WHICH IS USED TO SIGN KEY EXCHANGES.

In the NetworkingManager.NetworkConfig ServerBase64PfxCertificate text field. Enter the following:

MIIJaQIBAzCCCS8GCSqGSIb3DQEHAaCCCSAEggkcMIIJGDCCA88GCSqGSIb3DQEHBqCCA8AwggO8AgEAMIIDtQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIXtEk2vPF3DACAggAgIIDiEnRwGfMfCKE5Qe1d2GvK7bYF12169h3LeldxWm8kC7rx6HhXMPHxtDoRk0f6Lo+1rqcKqmgbtKmrm0IZaKB5Ac/ajDYtEuGiurocJlf8tyh1g5fXXz3HT5YcrW5YTJIry98WWVqSpberNRSGjox/gUHbJvIeDeFIqPAqyZRpKcpGOZmsUL+vFhTVn7BlUVLlsNtcmuBwXJtf88+9KM9MSU3/Quw90aUDgGatejpDalQJAcULIS2jCbT5zn1FMDnHQcYJy2m19gshk0slg91reqkGB2jW8WhaC1xfS2XMs8/y7Zweh9ouS8h+m0zuuXYKX83+i6s68FM63llZp/kj6A8Lkm4aKG4Q7ka79LnGQIEx0QFNwot76N6Qiy8S7VpWMCNSFXwPTfHKv+W42/+BdbGh3Yx6H5htJOBVjj4fdrDjm0rDSAykmFVkirYJ3PSKe+aPY5xnN68BwPQNp56KJugDu4G2zAdqkhvHVLxQvf5PQfUqZV6/xBjCxfdrBfchEyws6t+PeWezmI/DDTzp6NI0l+Yf+oe/E8xMagNfUpFIMZ3KFVHlr6xmHKJWQf4Eu7Rp2aIs9Upaa1LJKNiqXCSfPZDiDKfkspdvG6ww6RXbnX+tuifqteXbjDpHQYnmqalsvQb3nqm+GcUMl4qEaFBHvVSm5k84KG10ZZHsDyLLwYkvDtmd+uo4VZWZrpJu2S2ujuwKkTWgA2292cW50Qw73iHwuruA3/1/AXLgYBQmYOucgwWEho4Jy0eEJixfSw/Sxjr653m17UOaEq8E+AUPJMWQ0cF7uNneYSRUCZlE16iWRUq6SqTl0+UVFQ6eBH3n7MjwXiSGP8c4Tjd/CNMu0GxLbA2sHxYc0+2gzQm3Z4cR5sGhnxCbkK2nm3uj8YP0KzIgJjfnKDGs+vcmpdI9Q4ky0zkCc7m2wyBLJZN7Ej82Kt8bMmlFJVvDKXmn+479+51zkgol3xUw2wT0UK8Ymq0MGdUDDhzzFTYxAwJ5reAEyTwecBdLJdrL5cTjQbrNKw9ijes7jT9G8Q9lk7gAKYgQXY+ZCpYO2ttfyUpsEnD7rXAgyuUjXWcjzy+8h/MbAyW9UqyBOh76THsh1EjeXWDpX5oKWRVZ8hHQtiCOGygsja9DYyseV1XOG4lnBlYuCZ9UtQhSwzPEZHY+cIvAfMoTovl07aYzJAJZnH1zmtWY5dYdY4wggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQIH5m3dmVPTKMCAggABIIEyCPbtJxKFQCL279FFXlitRSZAx8dmb0cwijrtEXA9Zmzn3Dcba1IS+qzs4V5SI7fQmEh9dypfJ3IcnjzOjoab2pS1WXIrAxfe9imHZCHD4C16tz1qkZxJS7937m73zi/vYwbisDSUAWL0ydjuQ+NLzipi2Oldxw+rQPKAGNY/+bBJ+nvc3aOfAVKjyD64WZVU6EHGVU6fajmGGV4wcRGqdFQkJWvu4JuEcFWcoCAXcX8gRsfiRawx6/MxetX8LPy+Y81x7zvawWQnXQpb0tVsvqiLY/VzcolbuNDU1qyWQEHDQpGUu00/1kU8cCTL6rkJLPVlQwu/VPyduyhchRXdT0Zy2pa8XfLjZPiPa7nEdviyrJvVh0CXwrnaZM/jY2M+263rXY8ko7UE0flSb4DtH7E0hlJkvA9Ei5gq5QHN2w69Q72A0ctVl1Xg4mSbVxTDC0u85/ZDxmIwwEs68j3IBFAkjBVwRHX2JYcdqZI6FdT1kMWEmOok/3rkpIEIwA7pkGMJQqD3T+tcnxZzkdefBCTeJ14QgkjNo9YB9/nb/QawVx5R49IUaoLsLwgR9rr5Ln5XTIdOVTRCljNl8GO9J0DNnZpyP88nuxZr3C28Edq1CpIZMWBB8Sp0qSTEIOmKHBybj+1q2AacXrEP8FIKQ2CeJXA0XMK+D5z6hF5iSXJF65+GXrVQiwMbamCHBR9wOj2Ukz3fGThXU2DQiHkh1YgHDp13GeB/Nom6fFYVnr8Z4KsI9b9KC7a2yOBYDNPx7D6TOvTP4nbGMDilV+18FqrpAFZJ2s46j56cEn0gvm25dzst49OYgQmXIgl5zO02jBKauTRviSlJj58OaaOx+HYIL7S8hKDVvq0Hs0KW1K1+vU2PkKPHMFjQiQmqzGj58ZySyTWfyWZw1X0FrYye4UII9kknRVS/YIM08qFvcBoEEs3vtDCKZQj824qt21fW6b4Z4kHk+LeJ7hidKWSYJeqDGqI+iDH5QdDHAcQApHY5L5sCO6DQsTHzCuhTtjSj6MHpuZeX6FOIiUq4E7vL/9xV1SEBQEV6XYXVBJNtrLDFcD+MK5mjCCund3j46bWi+sD8VPS+MZLwS3CQPx/+BtRIALBMKLYOYdCb9H5HFO69W1JgP4+6c43hRSSYhSZ2SWBqfQIRMJHHNyvcOg2zBxIt7KpGeu3bH9k0VJRVpSTcyWi/0sRDPEBPwU6pdzqlw8sxDJf8Q+fTmuDHf8Ao+DZWD5eSMLb0RBBYG8V6N64eOqKmooSyx5u3uF+mqCpfVhKzBvv8T2Bz7enq5xAbQvOFSPrMU4yOUL747477fgKzh9TT8842L51R9axdAqvSkx4NYoxL6GioBy6v6oDJfKnTF0J4qHRemsBYnGqjk9nGDpFw3ibHp7xWITb9UEmpj1FXddFY1oVBbgo/53ovrqInyEaNMfnhWcFXUFZrqpwNlzg0c1a+0aQk3sRkX+qr/B2dulk11YV3a5sJtNmbtboJU0X4evvI/KxkZTmIF59NdNce7vkUWXsL+edrbtO4wwu8SBd/dCdoMqXdJ/3eLqxUm2svt7Wu0jREEaZij1euHG/Y2QKc7ltWXnRxE8n0GkYaWFfskD1v9mGxGRuhaTq//Q5EcDffTElMCMGCSqGSIb3DQEJFTEWBBRNaXbHeIqag2KmeJDn5f/PUJQuYDAxMCEwCQYFKw4DAhoFAAQU6T3xI6gtkQ5q2BI/aLC7dIAP2vUECPHNOq9MwveIAgIIAA==

Client instructions

To make clients trust your certificate issuer. Please do the following before connecting:

CryptographyHelper.OnValidateCertificateCallback = (certificate, hostname) =>
{
  X509Certificate2 issuerCertificate = new X509Certificate2(Convert.FromBase64String("MIIC5zCCAc+gAwIBAgIJAJvtOk5zc/yWMA0GCSqGSIb3DQEBCwUAMBkxFzAVBgNVBAMTDlVubmFtZWQgSXNzdWVyMB4XDTIwMTAxNzIzNTAwOFoXDTIwMTExNjIzNTAwOFowGTEXMBUGA1UEAxMOVW5uYW1lZCBJc3N1ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5WLD3Zh26VFk3oIG/NwtgZN+Gk02UxYYWFQoeZH9GbUDL1/9RkHRAEdCbSZiiIO2xEcGNsgbYctLQxbZ6dmCLPhuv0xV+TJ1Pg+3cT59lI/ZWR9C4Cuk+uuDwdhtqQBZVlbneyfNllXKL3x1OGiaW3N5QaNNLmjYdWQCC+b90y3lUFSA2DKIHXhNNFKJVPWVve3XdCOy89lbmu8bB59ruzRgOTFZ7lgfHSAG6s9m5DbQm9ZTSZpUw4cM0dyji/1eCwrmfCp3sqSYolSvq8W2JCMRwjurrTVxyL6XWacusYlLYaUcg4jcasqbL6GoP/ajyX4aBc3wLhwaG2Y0EWLLjAgMBAAGjMjAwMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFL4VjC6YI3Tw+Lkd9EfuPmizaNpxMA0GCSqGSIb3DQEBCwUAA4IBAQChz7fr+VvsnM3tQmSjBuiSIxmEetDFwyKMr9hdMaigHNZszVB+Urjkv5/+99kaL4KWu5Z21ySOnaYvhlEOCAp5PNkMYlEabikQxQ/VzjytnT9/WDnBCR5UjBH1Gw2zo0sspl7z4MuxC/KFVAnwKLTVnJXjqXGxjBUkmRr7ItChOLMW7Y25PKKQZzRSau821KZCSN4Gfh3xses9oOBgkhmfe+r48iyxnMxf0wpyKNp35/ZbOi0aoQ7Rg8J9/lTOs+p71JTGQvt8piIxJZt/WK+/hvKgBNkuqPcho4Ausd+5EUxLVgJ5AGkPTmbK0wv2KUTTpG7H+pCEFPgl/SgqUkTL"));
  X509Chain verify = new X509Chain();
  verify.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
  verify.ChainPolicy.ExtraStore.Add(issuerCertificate);
  verify.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;

  // Check if the chain accepts it. This can mean that it's from a CA we trust OR our own CA.
  bool isAcceptedByChain = verify.Build(new X509Certificate2(certificate));

  if (isAcceptedByChain)
  {
    // Validate with the last added CA, that's our CA
    return verify.ChainElements[verify.ChainElements.Count - 1].Certificate.Thumbprint == issuerCertificate.Thumbprint;
  }

  return false;
}

Details (Advanced Users Only)

Property Value
Issuer Name CN=Unnamed Issuer
Issuer Key Type RSA
Issuer Key Size 2048
Issuer Validity Start 18/10/2020 00:50:08 (UTC)
Issuer Validity End 16/11/2020 23:50:08 (UTC)
Issuer Serial Number 009BED3A4E7373FC96
Issuer Thumbprint 3E6AE1F1BEA1CA0BDF947801F2FD4016ED49153F
Certificate Name CN=Unnamed MLAPI Development Certificate
Certificate Serial Number 6F2030A32DB297195551639A6E77AB05
Certificate Thumbprint 4D6976C7788A9A8362A67890E7E5FFCF50942E60
Certificate Key Type RSA
Certificate Key Size 2048
Certificate Validity Start 18/10/2020 00:50:08 (UTC)
Certificate Validity End 16/11/2020 23:50:08 (UTC)

Keys

These are the keys that were used

Issuer Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>TI0xKj1m8dp8rtkAPbXCYSHIoJCebl/WrbAq6bqgRrpBFPA1Z76+BOhWvIx9Ghl3kra+toNdCHEEWW4PnCzgWyJf1RLdwbhrELhwuZm5P9DGoYQv1JPNGjedSDO/xvaJQvgAOOA4QzCiitqwA94RKiY3PAbPnl4nE5/68h2s0dOzFpW9fOl/tzhkfXkQ02uYPOxifNNvePNRwUqm0kIKCBbdJwHCqLaCI6Pc9DsoEHY4U5IW3uDVEKAPI6H0VHkjduDDrPyb5mmahTMoVXKuX/DD3f1mkeDs3rGif94n/2Q0DJSwQbhWKUx9/wT0i41gvbHeDHT0ekxN6H5mM81I4Q==</D>
  <DP>Sw0LdhjO1AHf5b7Qz7Z3zjC/sbTrk6sFGdwekfrngooSobNtBylRIpg3eK66L26tP+GxSOGF6GyFxxSOqOvwIVmrMKTf9JrSs2+KBlonbOg3S2Vu9TRBFp+7OW4JG3ohYjwONXWrhFCGv1vbeCFUuY6WMsuC6rmGtDFdc0I1aw0=</DP>
  <DQ>dl8UK9QPWocCO0aR8gelIklwxDEfcynVjLtFpHaewYX9yOvsqlzNfgc/+7S4lGNEaJFnTTiO6a63eYyTQ7bzl6FwMhlpsTFxgz0PrVq3MUc/pKI0lq7/BfzA4h1bZbBDdrC4i9wolfL5cabhY43rcH/isgHE113SYcXqM0NgY/M=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>Q97PK3zNSDOHKG6khydgMJGY0LAX0AYvwqqJz77Lu9m6EkZ0YpAPvlayoOXPnAgZMxtMEnILu49EL+wAR6LXfoDl3aNr+D/idBPP3kqa7N34B6ro6Fa9PVeWc10Tm0VRb3kxlBPBgA5ZrOjOnBVUlHuK10PdSGg4L5Huzi0TJ+A=</InverseQ>
  <Modulus>uViw92YdulRZN6CBvzcLYGTfhpNNlMWGFhUKHmR/Rm1Ay9f/UZB0QBHQm0mYoiDtsRHBjbIG2HLS0MW2enZgiz4br9MVfkydT4Pt3E+fZSP2VkfQuArpPrrg8HYbakAWVZW53snzZZVyi98dThomltzeUGjTS5o2HVkAgvm/dMt5VBUgNgyiB14TTRSiVT1lb3t13QjsvPZW5rvGwefa7s0YDkxWe5YHx0gBurPZuQ20JvWU0maVMOHDNHco4v9XgsK5nwqd7KkmKJUr6vFtiQjEcI7q601cci+l1mnLrGJS2GlHIOI3GrKmy+hqD/2o8l+GgXN8C4cGhtmNBFiy4w==</Modulus>
  <P>9hDpb5DLpHbZIDF3yoIws2h9vtHsg+UDOdBWcuXn0CxTzm/+fwzf9+xa1s1ihtFnZf6bLW/aoNyq/pu69p6+dQ3GRRT/mKg5dKmVfsd6y3K3HDKXpMCltXKo1lrVnYEKv/Hd4DYcBYh/joMARM9Ht8+I9qJjvok7o4i161M3Td0=</P>
  <Q>wNQ+TVCi4+iWiytfktEUE1xUxNcTXX2fGp9qIYk38/cp1Nr09ipXFHzvqKzaa1ja65eDusrZPjLMgP8E1OCrVzPDklVN70JXZbHddoFeT0n3SBacLC8MSy/QChF1KRXaNVaEKx8zrTlZHw+kIVBHXDShtwq6O/IwrSIc/Fnl178=</Q>
</RSAParameters>

Certificate Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>hePvhwMTmmJkUw6rG5XS3/bjQHXqWGtE2lCZrjIBsSx5WhdBeKE7uFvhSXk1wbyh18y54rLQE13ge6x9g8lPPuq02Yx9sly2zyus1X+TIOwb93Wka4mwr0etiUF/veIpsXueUKcxFXH+xQinND/+ishQ7D3ZMpCIgs8zDkrzUWetpfsc737SJehPHpVua6WwaGyBOCOHqsBYVTZsg5BgciIORnddGK3Fwi9EKYZ4vBTgzcv1tkWFOpuTq92/i+IwnLTZ8p5PC2sZXnuUGHSHNbt1P6p5UMtBFyzYE3195mSqv8ip+WXz9uclrev71pv5QS1lTjiFVuK4bYmSp/Mi8Q==</D>
  <DP>VqrEK1InwkNz/KWZ7duB9XRS7mkbJ0uJWqOXXarl7VVvIblRKgVppLWfINbntQPLp/8iItmT3K8jW4HWqignxVcaYEt620fdtldqKBdH09ePLGsK1G0MjYDg63N1pKt8PFac8cdGmtvt4/0ZlmBSudqznpTlIJE4zb4emLsR5uE=</DP>
  <DQ>GfdJenaRJxkSvgTReLjhomPmuPqF4zWD9/SlPm9vs1JqcLRgeY8NpoT3qH8UPImZiqF7sVYgrcQW0SROdM3IDgJkPzoCIkG3LHUVY/oQUvJlUACumHKo7Hq54pQViRgUUfgHVOk+XaeEp60TDb/X2cJzVEVxMomTIej3qhtf5IU=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>CfzlbKp3NjKb2Tr2dK3C5fUI//y983IWeCFTD2BAJ8RkO2BRQod0bQUp2sZ0jl0/hUiiGNDMXDj7GO+iQXtZToFrMunuoUVMtWouh5a6hjVqyCwggHfy2SWuWkZo4C8eFveXGpS8Ofho6Qw5AiInelsqtsnYGKfsBztOB8+532U=</InverseQ>
  <Modulus>rIcqJ5iQ8yoscT87EECpZNF8uZkr0ptMMaMK7TGMaIZikT9g8XT6gvKUQFHRybD5Hc+RGcZPjykSbh25K8jt8PMnTWFsVWtWsfRDF2W9HkwhR2HPFL+SwmmvlzgobOSD7zHpEa9aZ00nRqVwl5pMcQZcWyjCAqqWk55r3R5PMApXTdIiq9ORATpzPPgPh+D2TVY1zEZpEZ6XTzaASB6QMJ7iBbWZvSz0+Sp/5qhymzj7/6t7T79sNjgTtNolgVwjR/ghGkn8Et5gtDInAcdexQiwolZyUk2OxjNbx2g2SJHsasBz+tFpk7SNvcJjAFPAuW8AN0/OTjp/w/eHMgQcGQ==</Modulus>
  <P>5S0QlvR2ivDcI00VMKUZyq7wqIhHkK20CmFdDxARcCtDgNS6yYeOuxNgQK6cd3E3J/DmZ2nXPlZFMSNjx8v15I3MBFuCIrwApH6Zsa2HzMK3fQxOAD8kd8ruxjOTLCNgbpf6IxSUbsF0LrgVWv/twqi2YusMneV9GNyYSFJpyqc=</P>
  <Q>wLi4rBkna2Sn5VCGc7BIOiUGsZVka7ecqGdczlPKgKuRdOtzJ5bo6PCyhIPgj7zqJYuinH52v5oUrZRA+XRmKXi6/OBSdg0lWMf7n7sB8VnTMJcumBIhfWjYjPVkZ5tDuhTLyJV2UE3/ZZSTl/HIRAYtidnF5jgtVCNMzVobez8=</Q>
</RSAParameters>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.