Skip to content

Instantly share code, notes, and snippets.

@MidLevel-Bot

MidLevel-Bot/quickstart.md Secret

Created September 17, 2019 16:32
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save MidLevel-Bot/e776f9c979bd5f219e92667d21568695 to your computer and use it in GitHub Desktop.
Save MidLevel-Bot/e776f9c979bd5f219e92667d21568695 to your computer and use it in GitHub Desktop.
Download ZIP
http://cert.midlevel.io/ Generated on 17/09/2019 16:32:40 by ::ffff:34.226.234.20
Raw
quickstart.md

ONLY USE SELF SIGNED CERTIFICATES INTERNALLY OR FOR TESTING. USE A SERVICE LIKE LETSENCRYPT FOR REAL CERTIFICATES. THIS PROGRAM WILL GENERATE A CERTIFICATE AUTHORITY KEY PAIR AND A CERTIFICATE SIGNED BY THAT AUTHORITY. CERTIFICATES ARE ONLY VALID FOR 30 DAYS. AFTER THAT TIME YOU NEED A NEW ISSUER AND CERTIFICATE.

Quickstart Instructions (Basic Usage)

Server Instructions

ONLY DO THIS STEP ON THE SERVER. IT SHOULD NOT BE DONE ON CLIENTS. THIS STRING CONTAINS A BASE64 ENCODED PFX FILE, WHICH IS A COMBINATION OF THE CERTIFICATE AND THE PRIVATE KEY FOR THE CERTIFICATE WHICH IS USED TO SIGN KEY EXCHANGES.

In the NetworkingManager.NetworkConfig ServerBase64PfxCertificate text field. Enter the following:

MIID/AIBAzCCA8IGCSqGSIb3DQEHAaCCA7MEggOvMIIDqzCCA6cGCSqGSIb3DQEHBqCCA5gwggOUAgEAMIIDjQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQI+dBNnlbmYgoCAggAgIIDYN3m39KWcBdR6QOZFHs4bDFfutAPU6zX7/+GJSvVn62msDqANvgyFern7PPeHcvGz2C49COdjzlZKLL0LdshZsYdsJHidQozxBTHYJEOGlXh8Fbjc4TN4L2MJvzwTLyGGL2+nhp+mSR+O4MajI2vtptnslgTs18iplkwWSyWAkzw6t69iBmnufVd/4qf1fw4pqZxnZ8SoAEs4eR55rXHDsMQ2IcStrhoW7ecwDxuEfwPllNbZL5xoeUtR6PH5qds3luXXyS9LgBq/W0Hjn0vLkt2u9FQGRewtMDRPWRWAy6S+PR4LmWwyEqQEIrIr5yVjtAFeFMYeRfix4wVsp8kXZNfr3TqQblQ+UgfIkxqpN4bJPzFhbH+lWGHZKCHr9XYykynzZKQu9H0lvKbw9mWoOQa6UMjYmjiMjDRq7nhY8Z8MjL9qiQ3G+9gr0Jd15BiHwyt45Py1+Y9DKq8XjYIBQcOJ9H9trlb4Zos7J8y2y9P76LsDABQbNhGeAX+jd6oKDk4bKyz8MwaV8Q5bvaapWp7YAK5UTp9+w77q0UJhEomnRkKWzTsbx/AIa64mkGmGcfPGS22EKxqYpWeOkcawgitwF2YQWDWe7oHwaEqTS/nZYgUHIKNaUZuabwYZvWsoVBnralcHpvlfu6Cdz8m/Pj0iVPON988ZT2LV9SQ5VBF+StP7G/T/epeMmG42+jtQAoJekmiT8h2hX6MzP9ItgMCXh64QZvrUvnmzwpumuhXF2MSlwwO22UPsq3AUAyHdOjzWD4YQyjKm0A/kHOU7Z1Yqxl+Flp8rc3LbfbQ4zHa/rg2nZnw+NWwDVJBMu9MnsBhvLak3X4qiipCloQ2eAAId63aS3Moum6Bxzcda+tY2uAAZKhsTiNe+CrBO3f13fRLGT6xfITcSjJwzsBGVVW/u5fMrg1Q54+lcclQqUfzPQL0GkmPYgdrGwoJzWTnNExgFppOQCDvE84tasf0KSwpIo0j2ijNwBJubngdHj55vThP0VjK35SCWlgjAA3qLJIkCteqfly0sjt+i8HZjqlDRLICKGQ6YSF4rjlY7Z0/h8YI7HkfIsAoRAj35cS65oUnERP0ajTMxiPtku0b8zyBrb96dEZNqdVl8bTb9zo51hLeOGxE9RDxfA29Ge3cGzAxMCEwCQYFKw4DAhoFAAQU+LsReSE505agqpzoGDsw+Y5R24UECB7eDj/lc1F6AgIIAA==

Client instructions

To make clients trust your certificate issuer. Please do the following before connecting:

CryptographyHelper.OnValidateCertificateCallback = (certificate, hostname) =>
{
  X509Certificate2 issuerCertificate = new X509Certificate2(Convert.FromBase64String("MIIC5zCCAc+gAwIBAgIJAKM5ht80pnf7MA0GCSqGSIb3DQEBCwUAMBkxFzAVBgNVBAMTDlVubmFtZWQgSXNzdWVyMB4XDTE5MDkxNzE2MzIzOVoXDTE5MTAxNzE2MzIzOVowGTEXMBUGA1UEAxMOVW5uYW1lZCBJc3N1ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8bIMWHEgQ2APyY0X5ByyoF87RfUpW7XNvuApRZqf2kJ9PeWmQM1UUp9nkmrcSOzkve/dQCVbUpwsvuOurFoyNir+A2SAdmSId4/thp5v39MMgt+YxgONWmFeA1siDMdJAHlzjw40WavBTYcMLo5E8W82h0gBjXw2obsaZax2G3PqV1UhS7STKH+L5ewzrlUaVCFkNXzt6TRBUg9g9RayXY8n1r+YxqnQ5RFRWnatVD1M1fyHpCNNekgiyll9tesXWkYmNNwXbGI74eyR301+WeivwlEO3uNzA5o8d0QyoeTytQMLhYRWycoNHBoI4ArSYWzSNYugM4CE4U/nftAz1AgMBAAGjMjAwMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFDiHJZ4hK3VsWkp/FQV5IgDWXllUMA0GCSqGSIb3DQEBCwUAA4IBAQB4n8bw0ejUaNG4re/abnHystCPVMOQohO2zzjjm1Wy+c/Jsn0A6sGNzzL+x2L2VKCAiQMq5up4exLh2le1oaJcaWNQ4FfUCmJPHEf4ZR6v+QlYUntm2uD/ndwWqxGDdZj9/tgVhuma1NyNKRbPpOMPV7EDBgBu30q7meTn5saMoUqCIk/ZejhtedcirDCTJ6qJtt1PWzjOwNg0EBJtAU7p2X5UByGUagqs5UjKBG14jLsBf/RrbuqC8ko/4MJCUG0YU7eoHuKuxS0hpCQpyMZloUdyUq2TFevRx79yDiDXKuTEnnQhVeixZvLm0GxT62EFuPWnL/sKo7ITYnpNpJvK"));
  X509Chain verify = new X509Chain();
  verify.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
  verify.ChainPolicy.ExtraStore.Add(issuerCertificate);
  verify.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;

  // Check if the chain accepts it. This can mean that it's from a CA we trust OR our own CA.
  bool isAcceptedByChain = verify.Build(new X509Certificate2(certificate));

  if (isAcceptedByChain)
  {
    // Validate with the last added CA, that's our CA
    return verify.ChainElements[verify.ChainElements.Count - 1].Certificate.Thumbprint == issuerCertificate.Thumbprint;
  }

  return false;
}

Details (Advanced Users Only)

Property Value
Issuer Name CN=Unnamed Issuer
Issuer Key Type RSA
Issuer Key Size 2048
Issuer Validity Start 17/09/2019 17:32:39 (UTC)
Issuer Validity End 17/10/2019 17:32:39 (UTC)
Issuer Serial Number 00A33986DF34A677FB
Issuer Thumbprint 3F0885E4673A57C82FB180E2F210EDD46916A685
Certificate Name CN=Unnamed MLAPI Development Certificate
Certificate Serial Number 00BDC335F66724208D08E730C45CEE6B3F
Certificate Thumbprint 5C23F1384AA7AF0A7681EA3475D1500E5D73B11F
Certificate Key Type RSA
Certificate Key Size 2048
Certificate Validity Start 17/09/2019 17:32:39 (UTC)
Certificate Validity End 17/10/2019 17:32:39 (UTC)

Keys

These are the keys that were used

Issuer Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>LsBp4iGQTAWdLRYutXRvQyHtIhOJT3pJSy4J+VqUUFxf+vMwGyRxdteS++Lbi72AGeUTXxuCHO95mhSy/Ndydmg3zfuRuWZWjb4UkI1q6KIljEe06RGG1uSjyYcBZ3QEK/6co7LQngBYswetwoSKM8S/h+g4Sm+6TtF1m3l1cRGT5pIBsHWdLGXCP45jJ91HzQe/igvWQnJcUGbhgCWo4ody36dRHNsJqjcF4vX0XVJZhsiUD6GUKd//NaqCS/y0yNifVyt7tIc4EdJhapqN2UhhgXDwWTPyp5r99ikWKUP94zLWKPDezHTg6d4dBXwKYY96TJ9ZZKBKLKbGEb/k3Q==</D>
  <DP>my8OtseCoffAmiHtDwJx8FKPAFaRgvgoWe+VODWGjga8BCcdpQ5Oq2YUa75B7reKlezubpTiQO9yuTq9BbejAu0zJmGG4sRRI3qdVrmDB95S5ZfRq1cCLFK43LHo+Hge+vZlA4VRULOk4k/TaYScjkQK+gJQOTTBsMeI8ghmFSM=</DP>
  <DQ>kdGlNQbmPYSuazYD93m3QJITgkucZvIU7k91Hj2ajkeaGY7nbZEZLbSbyWfFkxBIuRs7+cMWD5YQyE0970YW/mODHEcF+EofKncOAIeuSuuQ3j3/CHek4Uz7aEskYOYqUdLW4Rmmbe7ICN8ztf0tA1avDv8ijVztwSMEOQjUcTk=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>CgL5gWcF8vbzjaujxApU03ZwrrHpDORAp7VXhY26S4Zsae5Kht7Ok08CFBDHNIZgYv0rcyyXfyxyy6lgJFk6rUGFVmvZdTQ0LlPLPpUWGlBbGCy174Vy3LhSy2mxp4/FjmGHbJ80ap6Q2fDjyxZ4gA3+n6plXPSRJTMGQmRZOIs=</InverseQ>
  <Modulus>vGyDFhxIENgD8mNF+QcsqBfO0X1KVu1zb7gKUWan9pCfT3lpkDNVFKfZ5Jq3Ejs5L3v3UAlW1KcLL7jrqxaMjYq/gNkgHZkiHeP7Yaeb9/TDILfmMYDjVphXgNbIgzHSQB5c48ONFmrwU2HDC6ORPFvNodIAY18NqG7GmWsdhtz6ldVIUu0kyh/i+XsM65VGlQhZDV87ek0QVIPYPUWsl2PJ9a/mMap0OURUVp2rVQ9TNX8h6QjTXpIIspZfbXrF1pGJjTcF2xiO+Hskd9Nflnor8JRDt7jcwOaPHdEMqHk8rUDC4WEVsnKDRwaCOAK0mFs0jWLoDOAhOFP537QM9Q==</Modulus>
  <P>8gRcdj7Ecs9x5kuetLHp5zu9Od1GdlO8MpxydBFE4/2/Cpap53lFEwRzu53PCgrW3s1icsFNF4f8yaBiDtsnjuMIkZm/wa/qT8QPh8NiU1uPUtw9/G8sm1+SJbOOiNfL0sg3X/e+ldSAVOzpklur4E0nyVnvqJlvpLn1sJs47Q8=</P>
  <Q>x092VEB4pRniOn9ohsonTuBkkdE47btseLruHMKlqVjS1lbBV7a9mKpjzz2mkwGqJ4fVOnKZDgKxYMxfOzNEg5yoX49rsm8M/OTQ0kNv/GEbUxeKqMtihb6A5KJ2Vh90M1NmmJ28guZ32cSRbCzdV1ip22KnX5FDEgHzYOvY7bs=</Q>
</RSAParameters>

Certificate Public/Private Key

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <D>aH7DPBpfMhG2HkIkZjKKm0yb2O10gAUFTE+QvGUI4sgXUGLnhi5MisnY0SWiysLpLT4sF52ID3MJleMUAX+Hnl6TVhXAe82Vy1ZCqnTT0Y2sjLuNYJRB96kpD8I67f5lQD8263ySbYvUDkQhSf/qUeVA3c90UI3zN8emylp2A7nnasR+bsqCNRRd1LZ0zaDGjiREh5Cl5xroQWQoAqEs52Mngx4YZGn3vDNBeLvVqBMYFgv6hX/cJLdnfxytV53dIwc1Yl52c5RgzI+ohRRTovw0GCQkuOBReroAMDZIjcgjFo71kVKGAoOrzpdZkvx+sBPGRg8DMS4Y6toanRIAmQ==</D>
  <DP>pyjLzx7xrBdcOBamcuHEv4tHMXfDs5RRtjlrATRhxO7a6YP88WJ/hUp2IowaeVmVP2bJMH1h+LsS0lsJ6v8gy+J2YNnmNlv1b76FfcveNp1en6nkvMXkFUwsYRGPM8gvUZ/iyJWZFAFIa5WQYttsoSuo+LG/mdsabvpbsEq0o20=</DP>
  <DQ>4aV9YBb1yaAj0M876leA3S8tmv2aESHxwprs73ieI9iCZT/NjNg7bPF0W4f7AL6TsTdYY/PN71HAQ+qydlRuY9M7axak7gIo57aD+9+LvxI9OtaIPKgUZYQ3ZK+GvctlzfQFEvuhPV1ENakfyjTf5EOlGPz/ZMzBwNbhi2NZYnM=</DQ>
  <Exponent>AQAB</Exponent>
  <InverseQ>umJdqzTNZh+1TXD+djjK44ls/olTyOHMQc4sceIcGRAEleeEWWBP+PxFNWzuPe4LtBi3ArqnRZuFIFGSvpvqVArX9+M1mYFpI5ryyMGZydfs5q6BauiSYNaY8852/6UmGWtSrbZbTvjsgbZd+5qUbbsgM42tQKGT1Le+TV0a54I=</InverseQ>
  <Modulus>3q4SXsZw8gGiEgP8AdsUtYagkYQ3Lz5kVViYEJAmsGEtNDXwhrMOzzDK7wXGxEN9z+GUAEemvYQcxp55RUT7oyeFPcpp/uKYifKhqQ8E3U0D/7wGsZVwbMW4dBlT5HEJB1iDAsapqcfopK+aGOHrVoRxbu4N4nwgnJV9QutxRrYxSxe2W3fAmXVZ4LbZq1Y2DwlNkcRBugPbPwZhN5sz255BYD0B9oNGeAa1FZPmVZF1gC9Ynd1sfu1JU6nrhMiH+jomqPOs2Dl0bo0W4dJg6b97LYA363eK7G3yxCfQvAI5TZG6xNX8WgAkRLzi06rujOQs23M+89l2mkYaKLR9NQ==</Modulus>
  <P>9QxUG4CDoXQHMGdXA6G4Vk6UnPx9oZuXSr8DdlYSZoEdoUfbMv7Hnh1QvDOz8K0/NmlYK1/QqsOnV5a000iYy4Ir+Vvstx3bEzqKlAtK1YUZB6RQEabtM55Lxwu9j0etOyAO5B13MkdrvVWVyn4LXUh5DlfAY9YbqJNLtJY9lNc=</P>
  <Q>6KHSZSuwkknzqBu5wdv0PlspO/8y5te2Vo/KXlA3+pUFQSGkSfoxqLxguCMszfxJ68Wc/IRvd5eVSbyF6feaMggLCyzuPz8MWcUtvNFUAyIO/keKxnte/G4viB3IQw1XGZd1yQQ7wBd11U9R6bdyovWm2aReUohLy/z/T/x5sNM=</Q>
</RSAParameters>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment