SLASCONE's full functionality can only be unleashed when clients have at least sporadic internet connectivity. However, many software vendors face the challenge that despite the overwhelming majority of their customers/installations being online, there is a small minority of completely offline installations.
When an installation is offline, there are two options:
- demand a temporary connection just for activation. This is the easiest way for both vendor and end-customer.
- use license files. The rest of this article deals with this topic.
For such cases, SLASCONE allows you to create a digitally signed xml license file. This mechanism allows you to at least activate a completely offline installation.
It is beyond this article's scope to explain how xml signatures work. More about this topic can be found here.
ENABLING LICENSE FILES
The license file functionality can be enabled as a product property.
VARIABLES
You can use several variables (e.g., ##licensekey##) in the license file name. These variables are available:
Variable | Value |
---|---|
##product## | The name of the product. |
##edition## | The selected edition |
##customernumber## | Customer number |
##licensekey## | License key |
##legacykey## | Legacy license key |
##description## | License description |
##expirationdate## | Expiration date |
DISTRIBUTING LICENSE FILES
You can just download the license file as it is shown here:
or use the send license email functionality. In this case, you can choose if the license file should be attached to the email.
CLIENT/API CONSIDERATIONS
It is highly improbable that all of your clients are always offline. In addition to that, it is recommended to use the native license code based mechanism of SLASCONE. Therefore, you will practically have to let users choose between license code (online/recommended) and license files (offline):
PARSING THE LICENSING FILE
The structure and fields of the xml license file are similar/identical to the response of the activation function (LicenseDto). You can download a sample file here.
PROTECTION AGAINST MULTIPLE ACTIVATIONS
Contrary to the native online license mode, making sure that the same license file can not be used to activate more than one client, requires more effort. There are two approaches:
- preactivation
- 2-step activation
PREACTIVATION
The process of preactivation has been significantly simplified with SLASCONE 7.1. Instead of using a generic extra variable, you can now use the out-of-the-box "preactivation client-id" field when saving the license, or activate a token after the generation of a license. In his case the generated license/token file includes the element client_id.
When trying to activate such a license file, the client (your software) has to make sure that its client_id matches the client_id of the license file. If you are using our official NuGet package, this check is performed automatically.
Obviously, this approach is only viable if you know the client_id of the target machine. This might be the case if you are the hardware manufacturer (IoT scenarios), but becomes problematic in typical desktop or web applications. In the later case, it is recommended to use the 2-step activation.
2-STEP ACTIVATION
The 2-step activation is a hybrid mode, enabling an activation through a "proxy" device, which has connection to the internet. In this scenario, not one, but two xml files are necessary:
- the license file
- the activation file
Step 1: A license file is generated exactly as already explained in this article. The target client reads the license file and instead of calling the activation method (which is not possible since it is offline), just generates a regular URL link, in the form of text
GET /isv/{isv_id}/provisioning/activations/offline
or a qr code:
Step2: This link or qr code is copied (to a proxy computer with internet connection) or photographed to a mobile device. When clicking on this link, SLASCONE checks the validity of the link and generates an xml activation file.
This has to be inserted in the target (offline) client, which then successfully activates the software if:
- the two xml files contain the same license_key.
- the client_id contained in the activation file, is identical to the device's unique id.
In any other case, the activation is not successful.
PROTECTION AGAINST FILE MANIPULATION
Similar to the content of every API response (in json format), the content of the xml file is digitally signed in order to prevent file manipulation. The signature value is attached on the bottom of the xml license.
LICENSE DEACTIVATION
License deactivation (revoke) refers to the process of unassigning a license code from a device, so that it can be used to activate another device, typically required in hardware migration scenarios.
While this is a simple procedure when done online, it opens up a lot of security holes when done offline and is therefore not encouraged or supported. In such cases, the licensee should either contact the vendor directly or use the Customer Portal.
SWITCHING BETWEEN ONLINE AND OFFLINE MODE
OFFLINE -> ONLINE
This scenario is pretty straightforward, since the license file already contains the unique license_key. You can use this key to activate this license (without any user intervention), thus enabling a seamless switch.
ONLINE -> OFFLINE
In case a client goes permanently offline, a license file is needed.
Comments
0 comments
Please sign in to leave a comment.