Skip to content

Instantly share code, notes, and snippets.

@MidLevel-Bot

MidLevel-Bot/quickstart.md Secret

Created August 21, 2019 18:10
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save MidLevel-Bot/e3f3b61df10255f282fcc28819627021 to your computer and use it in GitHub Desktop.
Save MidLevel-Bot/e3f3b61df10255f282fcc28819627021 to your computer and use it in GitHub Desktop.
Download ZIP
http://cert.midlevel.io/ Generated on 21/08/2019 18:10:25 by ::ffff:3.227.233.6
Raw
quickstart.md

ONLY USE SELF SIGNED CERTIFICATES INTERNALLY OR FOR TESTING. USE A SERVICE LIKE LETSENCRYPT FOR REAL CERTIFICATES. THIS PROGRAM WILL GENERATE A CERTIFICATE AUTHORITY KEY PAIR AND A CERTIFICATE SIGNED BY THAT AUTHORITY. CERTIFICATES ARE ONLY VALID FOR 30 DAYS. AFTER THAT TIME YOU NEED A NEW ISSUER AND CERTIFICATE.

Quickstart Instructions (Basic Usage)

Server Instructions

ONLY DO THIS STEP ON THE SERVER. IT SHOULD NOT BE DONE ON CLIENTS. THIS STRING CONTAINS A BASE64 ENCODED PFX FILE, WHICH IS A COMBINATION OF THE CERTIFICATE AND THE PRIVATE KEY FOR THE CERTIFICATE WHICH IS USED TO SIGN KEY EXCHANGES.

In the NetworkingManager.NetworkConfig ServerBase64PfxCertificate text field. Enter the following:

MIID/AIBAzCCA8IGCSqGSIb3DQEHAaCCA7MEggOvMIIDqzCCA6cGCSqGSIb3DQEHBqCCA5gwggOUAgEAMIIDjQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIyCtD3kdltRECAggAgIIDYGm12tE9kvuYzgL2rEGMSVpaWUBQOgqm0V+mZtYOebFqfJoo2t6WRdr3JXrCNiLiaMPyyNsjt8m395KQHHAZUr0SzDtU5Zie+9mBb9dEMy8wfbavmD4C1gfpuQ6NWS5RQ9st75wetAzj/w22pI+i6+WFaf4lri/UNovaFpq2WcUaXtaeUnIbgi2HIkhf26NPgNZ+a0zr6f2mmOZHpauq5989NIlITH8czXVsYD8MQZgO435ckxiKwe63u9G31MFzjya+ddpcYJSrZ462m0L9wVGZP1OrC1PSDsPb4yAohKcZzlqu5oqx0v8mXi1EM1TaBQYPZiHkF5rEmPbLplp6SI2JCNZGYko9ZUb4Fi0U3pVg9XK70LoQFlj3kKdhLr7VNlf2J67VDwvyrij4I1eKWPQ8w3my7iJe3hVFanD7iIa8t90impLnwPztv/lYzFPqO3Iv6bI9hkn3k0HhAzctvEhtmFPQcVy+cn/05u3XeL6xgSKAN2+N79cvp9hg3mnDlhLN+bM/Y6EbSKBfIZ0ACE0cgKPn7/R+MYM8nfYZgsGexj5jHJzJkZnGsaltLmWJp7Nvr1FTOet1u+SAuhCVoG0GXf39vUX9MAbCJv/IDyp5QXlfchQ9750mNxUrF39KuLOLzzHHn4VdbqN0qXd5GIbmYc5GOOLmqUMc3EJjJ7WogK63NF8adI0z/wno8NiJ2sfALP2P52VDL8wZcVphT22XV6DUTG5Hj28+jRZ0uJb/dpyDLUnor16arhCKGl+FCf+HhbOaBugNdPJUH1ZgF5rGexR2lTCEpHxmYMkgmP4JI29U+7ri0gR0hENkXikfBXgA4EFVep3Ig7/4FiXyIyA207EAjmvZ+DX4iO+UJNpBzaKu5GssSKH9kLK/TaZorK8uA3FvZ1mHlHSaFM5mnjPe7d162TcFVWodBU/FHPtp4OkXZZAnIV9QmfkmHnjo7g8JCfd6QwnokMnEjYuDKtXpnq93jk9g4i3K/4UusOo4kMOW4UB8AJkbkjzTQHr3WgxjJ6uzsirZbaXgbvQqzAKFdK6Kj0EJ7AaHtiQjKJOemWFCylWT5PKrdUHeA31ymAqeyeAOejlkfkNUoCVQovWpxknlpMxH+kALUGGsD3VBajzFCUzuF+mcR/Lc/CO4VDAxMCEwCQYFKw4DAhoFAAQUsfGQYxemluhFn8OvRKCPyEp+ekgECLmY4IF+7F7kAgIIAA==

Client instructions

To make clients trust your certificate issuer. Please do the following before connecting:

CryptographyHelper.OnValidateCertificateCallback = (certificate, hostname) =>
{
  X509Certificate2 issuerCertificate = new X509Certificate2(Convert.FromBase64String("MIIC5jCCAc6gAwIBAgIINRhUDIi3MVcwDQYJKoZIhvcNAQELBQAwGTEXMBUGA1UEAxMOVW5uYW1lZCBJc3N1ZXIwHhcNMTkwODIxMTgxMDI1WhcNMTkwOTIwMTgxMDI1WjAZMRcwFQYDVQQDEw5Vbm5hbWVkIElzc3VlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL3UjFzRCQ5lZhgG6BU7hjYwp03wwtQupzynNWRpvbVDF/ecKIutmq4rZyzAIcPd4s9qnhQyu1cLHqBAqZY/92ikOxW7qn0piwStrJgBAuncCKPjsg7VvPPDU0OIpR/MHRw7g/fVjIVLsDBpi2/3xPZe3kRaWIEOjFesfFaJxnCmTlnYDQjIpolpyUSZlOEPz4zNxQM/9ATZilsPNtNtwW+flX1jzcQeTThLSnTOfcO8XpRNLcN1Ukq/Z05wKLvyA/LCYqDbEz+zEgtkgGDoqgRdyIn17Di++XiC16BstPZMG7oZwe3QGB6K0oMvIavREHhz2nvncjlukQaKoJ84TKMCAwEAAaMyMDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU4yLZPV25AyWedit80r/AHvE7xT4wDQYJKoZIhvcNAQELBQADggEBALbwjEmvYcFpCpw2UvBQf63dzCTFfPnbivTKjsLnVIj3j+3RNuiHHKZTRlqVbdJ1vEL0LW7PA49v7Ojcf6moCgrDm0bH4XbbdM8luCzfCdgXG16E1/O7PV4FyeJjHeil3S63OmScMuz38zPwD5plcJHdqiDmVPBZLrj4fJ25n/gzQ9ivLBTkhcvzdXStHH4rxoPhjAk2hQh+36YvHADGpgS8s7vFYNWoLnCYK0JHVtldgA0TWnQDoFhg/xNaDl19gIuvVbEehLMk43KdqvpeP5rYdzy/5SOT0kGEwGkQyZ3gw8f6tHYN7aYfIGNqNXR6yGcaIPUkKFi2gWzouuNC26k="));
  X509Chain verify = new X509Chain();
  verify.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
  verify.ChainPolicy.ExtraStore.Add(issuerCertificate);
  verify.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;

  // Check if the chain accepts it. This can mean that it's from a CA we trust OR our own CA.
  bool isAcceptedByChain = verify.Build(new X509Certificate2(certificate));

  if (isAcceptedByChain)
  {
    // Validate with the last added CA, that's our CA
    return verify.ChainElements[verify.ChainElements.Count - 1].Certificate.Thumbprint == issuerCertificate.Thumbprint;
  }

  return false;
}

Details (Advanced Users Only)

Property Value
Issuer Name CN=Unnamed Issuer
Issuer Key Type RSA
Issuer Key Size 2048
Issuer Validity Start 21/08/2019 19:10:25 (UTC)
Issuer Validity End 20/09/2019 19:10:25 (UTC)
Issuer Serial Number 3518540C88B73157
Issuer Thumbprint 3BCCA692ECC022D00D989830362543AE0B6C44E6
Certificate Name CN=Unnamed MLAPI Development Certificate
Certificate Serial Number 00C5AEEDAE33026BB10B459C3FA8248007
Certificate Thumbprint 5FB04EFEDFC798ACCAF399742C83182970914ADF
Certificate Key Type RSA
Certificate Key Size 2048
Certificate Validity Start 21/08/2019 19:10:25 (UTC)
Certificate Validity End 20/09/2019 19:10:25 (UTC)

Keys

These are the keys that were used

Issuer Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>FEIkoJsmTkT/+jxydCGgFxRmJmk1QZOhAVYO2qJ2PmvkmOYvZYinY0L6hcoTUGXTmLMWH62yVH25TPzZnFFDRAWS0KTwct8GGP+31Zj2CKMUwPjBvdeNjK4hqqlghd4wlRy83qwJjQggy2nYGaDlgi1ppv3FSDCXRZwAwPN/G/JUFyzIj3BYNZRd8aNgIZRNIYfg540mJRfqH3LpgT+64KgDLv3XDi4dB77bibmguUgIBRWHJWYSdYh5kHUuY+++vUInhLl3p1wAxXqbdvLIcqmspQgfUFIXohCL67SHg/NnZOVviu9jTSRsg+oWiohnMt52rQO1vvA+0QpH9ppKsQ==</D>
  <DP>aIMblHaF/KYEeXQBoG6qk7qAq0Rja2jS2SlHcUb5Sw7ssW140B5yvFoezSFDgZQMyup/Db3JhCm/p470B/17uEwrrz1DhHTC5m3CuGx2ftjduw3ouIKKbVJo4iH13b+LB0BjE7YApWVkEVztWPYdjzv1+zyBQjKYhOZd0Sh/zck=</DP>
  <DQ>kReG38SM57/qlZftdAE60UWX1WClruQ76CxCvyOjMsGkZohzKcWCFrFOmIlIYCVS71zHHdk72ZEkdx7M3tG4O8JHDEr4/NDjpilj8+bYI6O9xQCQlKA7XR0ivBgeRGduCJf1zWjPAeF/yl3HlFPjw19mFUo1AsHHxrlVL4mYljE=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>mMJWipV65kUuZq491+WRIKz5jEptKeZXFLQsZ94iyZ5orHM/eglw0PSmsILNcpQ0LBVBP4Kz4vuoEU9QrDnRZeI3mpUlBUH6kfd5n4SW90Rk8SoF2yVmKVEXwW7zstsPMYvUpfGtcptjn0eTgQN1Ef+39gW8Iyys51eD0bNBX+E=</InverseQ>
  <Modulus>vdSMXNEJDmVmGAboFTuGNjCnTfDC1C6nPKc1ZGm9tUMX95woi62aritnLMAhw93iz2qeFDK7VwseoECplj/3aKQ7FbuqfSmLBK2smAEC6dwIo+OyDtW888NTQ4ilH8wdHDuD99WMhUuwMGmLb/fE9l7eRFpYgQ6MV6x8VonGcKZOWdgNCMimiWnJRJmU4Q/PjM3FAz/0BNmKWw82023Bb5+VfWPNxB5NOEtKdM59w7xelE0tw3VSSr9nTnAou/ID8sJioNsTP7MSC2SAYOiqBF3IifXsOL75eILXoGy09kwbuhnB7dAYHorSgy8hq9EQeHPae+dyOW6RBoqgnzhMow==</Modulus>
  <P>/OUoL6iI5WIMK1U2EeyE9OUCNajz7+8LoDuXckeOvtu9TzqWE4CJkrRMvmc5AQRBxtO+vsA124IPD1/0HkLN9Wmi32Fh5uXeTh5B66bDH0LtGFhbGmIaPNdqK7u32+gJcNB/OdGwLlWcoMUyJtL00k3b2QFdo46tKEFbwZmzKEc=</P>
  <Q>wCkuFLYWCkn4iZVxpg8Zpvp7BJNlNbWu53AHgjdYvxFmH6UUzvr9zrm7OWHyg+OKpn+2d/upw4SSzSw+JrCNcremLryLri/4VqY4ukxBh1XSzyJG1xfRd5c1AKgApOpt4gZ9TnvFM+w5wUk0A4ktlYb92fd8dL8uIOiTDYxIQsU=</Q>
</RSAParameters>

Certificate Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>XBzQTztWd35YRwH7valVB7nUdjFvse5wfL8Y9vFZimn3ZdusB1q9hBgJOngPpkTSwgHQXFT3oSf/egCJCVOrfXNGUJDpv9UggLGbJ4Hn+3DL6vaM2O6n0/uB551O230qmR13t2cIrusdyRTl+H1SDeQmLdJaoz56BNBZgy8QFgyYdTJ+BhmtOHjJyvGmjXzYCwj1j7Bx1OmLka7WbWCmxywy2bPuprMfgRdxGvsIQZVigJ15vt30XCSQ7fz6ks2wsYxKb6D4bHyyIsCZ7iEXJ8xQLM6xmf/ojOjJbb4g0FxXJrNh53xtAifmDHs58NMcs7QPy/UYmtXLxlVkPik/QQ==</D>
  <DP>EWyolY1l3rEoC5TB3C90FmIEEJRK0X8Tdzvnp/ajumVn/icIBvtGS3O18KZ7f+uybUEeU/1YuQ114nT6QKDPBhDmv10fq1mVmuf+waEM3/lvKh/gSdRc2XGv0dGW2RwEm5HTBr8JCg+0GIVddSP479ozTRkOLMgq+xXsUcvkgNs=</DP>
  <DQ>ls/72+Nc70I0nVPN2NS2mE8+pXAo97wiZBxYXZPm8rm2u05I3n3/q/VFlglgMQzlCUHeGh1myHKoTF+jXszYxqTdqk4G/qWT0OAy48+8wX2xOp8HVjx5RD6LWWC9Qdgl95ujTwFD2OHOpUFItpjGaTV9klx0OzA80DNETqkRR7E=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>zPe9xMUzrqCvNNei9Bibc75bGkMBHc6ROOnLTalOgLMiGtQRROfEB6swQenT+N8PuHyx1IM69/pWtxFbUwTf7t+o1uad5HpY9wZR/aR1JzjmUa6x0yi14g1T1FcOh4WmsTpewvn3GQ5HJv8LRcqcAMKaUzkjfVCJV9AsTWTBFvE=</InverseQ>
  <Modulus>rkMLRvwJa7xOm9MmJNbMls3ajFzNG9EErd2qHXzoP0iCD3t4G5l27IvqNB93ioEnLCa9jSRBIqBOSc9lp3Hp3kNz+bpJSJM1cTay32sidiexk67E5FfqYcckN/rYaTPRhRADOnlmxyuex8DamkuaOIi2kvG2HPJtPyRNLSgIbsVbTor+zDxkX+vl8SNNQtwSgKEwenriUMSC0WB3pIEA7Urc4oQW4lhpeFTtpqT+7ZLH2mn5/897QN8cWgKdAX9pkngX8CQJ/3VeAkN42uY2x+pxZyYd2iTRcF5HUt5T0gVgr4YBU9FUFz0QsefVfMxZLalGvqtihgO2JU0Gz31ZXw==</Modulus>
  <P>4s01CoYY6w227HdAd6bvXZv2KqAg1aQ5eDba7Y8CPSwaAn4aPHgOlA7q0P2eMkt4ZXYw9+Y1Gf2bbRq6rfDUrKmoQa8b1fb/kT3CJ4v/2UXD4T3L67IKKLPZVVZQ+rSVde3uB7s/dVXIL0HxlgMN+SSdlLyyQEjL8tOVNpEFyI8=</P>
  <Q>xLJDtPuTs5i4lhHL4ptaSYEmC4nRHmKH3//Rq0cWiWfPe+Qp8WSdWjxb3OHtdS1JXleDJAgitsrcmkkQ3ECJXnUq+A5P9WK9yZRJxTDYWDXvduUIrr6rRl8DQ+ghOuqWGMIEsLm0HHTzLAru001d+GiTiilPbbR8x6YSe6IdqjE=</Q>
</RSAParameters>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment